NEWS: Abril (17/04 - 23/04) - 16 Semana de 2022
Cyber Security and Information Security News - Daily Updates !!

23/04
3 Common IoT Attacks that Compromise Security
Analysts flag China link to ‘India Post’ phishing scam
Animated QR codes: how do they work, and how to create your own?
Binance TAKES BACK $5 Million+ in Stolen Crypto from North Korean Hacker Group 'Lazarus'...
Cloud storage: Zero trust’s ultimate defense
Critical US Power Grid Hardware Wide Open With Backdoors, Warns CISA
Cyber attack shuts Costa Rica govt systems
Cyberattacks rise at oil firms as hackers step up their game
Dangerous malware is up 86%: Here’s how AI can help
Hacking Viruses Cause Criminal Activites
Hone your skills with lifetime access to a top-rated course library
How Vulnerable Are You To A Cyberattack? Here's How To Know
Knowledge Sharing: Breaking Down Real-World Attacks to Learn for the Future
LinkedIn users beware – scammers are targeting you
North Korean gang still accessing its $600 million crypto haul
Now Mandiant says 2021 was a record year for exploited zero-day security bugs
Phishing attacks using the topic “Azovstal” targets entities in Ukraine
Russian malware planted from Nigeria in OIL cyber attack
Third-party company with D51 experienced data breach
U.S. Sanctions More North Korean ETH Addresses Over $600M Ronin Hack
Veracode Report Shows Signs of Progress in Securing Software Supply Chain
22/04
3 things you need to know about cryptocurrency scams
5 Signs of Phone Tracking You Should Look Out For
8 mln customers affected by Cash App security breach
Atlassian fixes critical Jira authentication bypass vulnerability
Backup is key for cyber recovery
Chinese hackers behind most zero-day exploits during 2021
Demand for Cybersecurity Skills Rises as Quantum Computing Threats Tighten
Developer snuck apps past Apple that forced users into subscriptions
Extra Online Security for your phone
FBI: Ransomware Attack Risk to Food and Ag Sector
FBI Warns US Farmers of Ransomware Surge
Hackers Use Malicious Google Ads to Steal $4 Million In Crypto Stablecoin
How Common Types of Cyberattacks Are Evolving
How Geopolitical Events Should Shape Data Security Posture
In a remote-work world, a zero-trust revolution is necessary
Indian Petroleum Refineries network faces enormous cyber attacks from October 2021 to April 2022
LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave
Malware rouba quase 20 mil usuários de serviços estaduais
Managing Risk of Insider Threats in Healthcare Cybersecurity
Moving Beyond Security Culture Bottlenecks
Navigating a changing cyber security landscape
Optimizing Security in Data Collection Processes
QNAP Advises Users to Update NAS Firmware to Patch Apache HTTP Vulnerabilities
Ransomware attacks are hitting universities hard, and they are feeling the pressure
Remotely exploitable flaws found in codec used by many Android phones
Researcher Releases PoC for Recent Java Cryptographic Vulnerability
REvil resurrected? Ransomware crew appears to be back. Keyword: Appears
Russian hackers are seeking alternative money-laundering options
Skeletons in the Closet: Security 101 Takes a Backseat to 0-days
Snapshots vs backup: Use both for optimum RPOs
SuperCare Health Faces Lawsuits Over Data Breach
T-Mobile confirms Lapsus$ hackers breached internal systems
Tackling Cybersecurity Vulnerabilities in School Systems
The Great Resignation meets the Great Exfiltration: How to securely offboard security personnel
The most powerful hacking tools are no longer in the hands of governments alone
Ukraine ramps up cyber defences to slow surge in attacks
Vulnerability in AWS Log4Shell hot patch allowed full host takeover
Vulnerable infrastructure operators are 'switching off' security to avoid downtime
Wawa Sues Mastercard Over Data Breach Penalties
Zero-Day Exploit Use Exploded in 2021
Zero-Trust For All: A Practical Guide
21/04
60% of BYOD companies face serious security risks
Adaptive Health Integrations Data Breach Impacts 510K
Amazon's Hotpatch for Log4j Flaw Found Vulnerable to Privilege Escalation Bug
Another School District Says Student Data Breached Within an Illuminate Education Product
Austrac outlines how to spot ransomware and detect abuse of digital currencies
Beanstalk DeFi project robbed of $182 million in flash loan attack
Bob's Red Mill Reports Data Breach
Citibank, Wells Fargo, Chase… Watch Out for Fake Bank Text Messages — Phishing & Zelle Scams
Costa Rica's Alvarado says cyberattacks seek to destabilize country as government transitions
Critical bug in Android could allow access to users' media files
Critical Chipset Bugs Open Millions of Android Devices to Remote Spying
Cisco Umbrella default SSH key allows theft of admin credentials
CVE-2022-20685 flaw in the Modbus preprocessor of the Snort makes it unusable
Cybersecurity Advisory warns of Russian-backed cyber threats to infrastructure
Digging Into the Science of Behaviour to Tackle Cyber Extortion
Docker servers hacked in ongoing cryptomining malware campaign
FBI: BlackCat ransomware breached at least 60 entities worldwide
Feds warn of 'exceptionally aggressive' ransomware threat targeting healthcare
Financial leaders grappling with more aggressive and sophisticated attack methods
Five Eyes advisory warns more malicious Russian cyber activity incoming
Five Eyes Agencies Issue Detailed Russian Cyber-Threat Warning
Flash Loan Attack Takes Beanstalk Defi Platform for $182 Million, Largest Yet of Its Type
Google: Record Year for Zero Days in 2021
Hackers earn $400K for zero-day ICS exploits demoed at Pwn2Own
Hackers Sneak 'More_Eggs' Malware Into Resumes Sent to Corporate Hiring Managers
Hive hackers are exploiting Microsoft Exchange Servers in ransomware spree
How fast do cybercriminals capitalize on new security weaknesses?
How to Test Your Browser’s Security
International Data Corporation Confirms Recent Data Breach
Leaks Fail to Dent Conti's Successful Ransomware Operation
Lincoln College was already struggling. Then came ransomware
Microsoft Exchange Server users are being targeted by Hive ransomware attack
Mortgage servicer data breach affects 2.5 million; Crypto wallet provider warns iOS users
New Incident Report Reveals How Hive Ransomware Targets Organizations
North Korea Funding Nuclear Program with Cyber Activity
Paying Cyber Ransoms Won't Get Your Data Back, ESG Finds
Phishing Attacks Jumped 29 Percent in 2021, New Zscaler Research Finds
Phishing emails targeting LinkedIn accounts are on the rise. Here's what to watch out for
QNAP asks users to mitigate critical Apache HTTP Server bugs
Ransomware Targeting Virtualization Platforms on the Rise
REvil ransomware group's infrastructure comes back online hinting at fresh campaign
Slow deployment is hampering fraud prevention. What gives?
State Bank of India (SBI) warns customers of phishing scam: Here’s how to protect yourself
Static SSH host key in Cisco Umbrella allows stealing admin credentials
Strengthening the ability of public companies to combat cybersecurity threats
The state of open-source software supply chain security in 2022
Vulnerabilities that kept security leaders busy in Q1 2022
Two-Thirds of Global Banks Report Surge in Destructive Attacks
Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails
US, Australia, Canada, New Zealand, and the UK warn of Russia-linked threat actors’ attacks
Verizon’s Data Breach Report – Insights for Cloud Security Professionals
Warrior Trading forced to pay $3 million for 'misleading' day trading scheme
Why Uploading Your Personal Data on Social Media is a Bad Idea
20/04
60% of Healthcare Orgs Say Third-Party Risk Management Needs Improvement
Adaptive Health Integrations Data Breach Affects More than 510,000 Individuals
Amazon Web Services fixes container escape in Log4Shell hotfix
Anonymous "OpRussia" Reports Metro System Hack, Counter-Disinformation Milestone
Behind the push to finally eliminate passwords
Beware of Fake Windows 11 Update Delivering Malware
Brave adds Discussions to enrich its search results
Check Your Messages: Scam Texts on the Rise
Crypto-related phishing and how to avoid it
Cyber-Attackers Hit Sunwing Airlines
Cybercriminals are finding new ways to target cloud environments
DDoS and Ransomware: A Prevalent and Potent Blend
Develop projects more efficiently with this certification bundle deal
Discover the top three cybersecurity essentials for universities
Double extortion ransomware surges
FBI Releases AvosLocker Ransomware Advisory
FBI Warns of Ransomware Attacks on Farming Co-ops During Planting, Harvest Seasons
FBI warns of ransomware attacks targeting US agriculture sector
Five ransomware attacks in 2022 so far you should know about
Global Dwell Time Drops but EMEA Lags
Google: 2021 was a Banner Year for Exploited 0-Day Bugs
Google Project Zero Detects a Record Number of Zero-Day Exploits in 2021
Google: We're spotting more zero-day bugs than ever. But hackers still have it too easy
HHS sounds alarm on 'exceptionally aggressive' ransomware group
How ready are organizations to manage and recover from a ransomware attack?
IT leaders require deeper security insights to confidently manage multi-cloud workloads
Kaspersky offers free decryptor tool to deal with Yanluowang ransomware
LAZARUS APT Using TraderTraitor Malware to Target Blockchain Orgs, Users
Microsoft Defender flags Google Chrome updates as suspicious
Microsoft Exchange servers hacked to deploy Hive ransomware
Modern Bank Heists 5.0: The Escalation from Dwell to Destruction
More than 42 million people in UK have had their financial data hacked
Okta: Just Two Customers Impacted by Lapsus Breach
Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers
Okta says Lapsus$ breach hit just two customers
Phishing alert: How cybercriminals are using India Post to steal money from gullible citizens
Ransomware: This gang is getting a lot quicker at encrypting networks
Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System
REvil's TOR sites come alive to redirect to new ransomware operation
Russian state hackers hit Ukraine with new malware variants
Scam apps on Apple’s macOS App Store won’t let you quit until you pay a subscription
The Basics of Cloud Security for Your Business
The evolving role of the lawyer in cybersecurity
The New Cyberthreat To Healthcare: Killware
The Top 5 Security Orchestration Myths
Time to get patching: Oracle's quarterly Critical Patch Update arrives with 520 fixes
UK Government Staff Hit with Billions of Malicious Emails in 2021
US and allies warn of Russian hacking threat to critical infrastructure
US Government: North Korean Threat Actors Are Targeting Cryptocurrency Organizations
Vermont Eyecare Practice Suffers Data Breach Affecting 30K Patients
‘Zero-Day’ Hacks Hit Record in 2021, Google Researchers Say
What’s a vCISO and why does your company need one?
19/04
81% of codebases contain known open source vulnerabilities
Attacker Accessed Dozens of Repositories After OAuth Token Theft
Blockchain warning: Hackers are targeting developers and DevOps teams
‘CatalanGate’ Spyware Infections Tied to NSO Group
Comelec withholds payment to Smartmatic amid data breach controversy
Corvus Insurance finds 2021 average ransoms paid by quarter were down 44.2%
Court rules that data scraping is legal in LinkedIn appeal
Cyberattacks Pose ‘Existential Risk’ To Colleges—And Sealed One Small College’s Fate
Cybersecurity a boardroom blindspot
Data Breach Resolution 22% Faster in 2021 for Organizations Embracing Intelligent Automation
Digital ID verification: Using a mobile device to prove your identity
Don't Want Your Phone Carrier Tracking Your Personal Data? You Can Tell It to Stop
Double Extortion Ransomware Increased Almost 500% in 2021, CipherTrace Reports
Experts Uncover Spyware Attacks Against Catalan Politicians and Activists
Funky Pigeon pauses all orders after 'security incident'
Funky Pigeon shuts website and pauses orders after cyber attack – are you at risk?
Funky Pigeon suspends orders after cyber-attack
Funky Pigeon Suspends Orders Following Cyber-Attack
GitHub notifies owners of private repos stolen using OAuth tokens
Google fixes Chrome zero day being used in exploits in the wild
How much are cyber breaches costing UK businesses?
India is among the top five countries with the most data breaches
Lazarus Gets Banned by Tornado Cash for Hacking $600 Million From Axie Infinity’s Ronin Bridge
Lenovo patches UEFI firmware vulnerabilities impacting millions of users
LinkedIn Becomes the Most Impersonated Brand for Phishing Attacks
LinkedIn brand takes lead as most impersonated in phishing attacks
March 2022 Healthcare Data Breach Report
March 2022’s most wanted malware: Revenge RAT asserts its dominance in the UAE followed by Emotet
MetaMask Asks Apple Users to Disable iCloud Backup for Wallet After User Lost $650,000
Microsoft: We're boosting our bug bounties for these high-impact security flaws
Mismanaged IAM Can Lead to Data Breaches
Moving towards defense in depth under the gray skies of conflict
New Lenovo UEFI Firmware Vulnerabilities Affect Millions of Laptops
New Security Priorities Report Details What Security Leaders Need to Plan for Next
New stealthy BotenaGo malware variant targets DVR devices
Night Sky: A Short-Lived Threat from a Long-Lived Threat Actor
North Korea aims 'TraderTraitor' malware at cryptocurrency workers
Northern Ireland law firms urged to prioritise defences against cyber attacks
Pegasus Spyware Targeted UK Prime Minister, Say Researchers
Ransomware Evolves from “Spray and Pray” to Multi-billion Mega Industry
Ransomware needs to form part of any business disaster recovery planning
Rethinking Cyber-Defense Strategies in the Public-Cloud Age
Ronin Crypto Heist of $618m Traced to North Korea
State of Pentesting 2022 report: Interactive event and open discussion
The changing role of the CCO: Champion of innovation and business continuity
The state of coordinated vulnerability disclosure policies in EU
UK: Prime Minister Johnson's office hacked? Research group claims Pegasus spyware behind attack
US Officials Increase Warnings About Russian Cyber-Attacks
WH Smith Says Its Funky Pigeon Was Victim of Cyberattack
Why you shouldn’t reply to this ATO scam text message
18/04
4 steps for building an orchestrated authorization policy for zero trust
9 types of password hacking attacks and how to avoid them
16 Essential Early Steps In Creating An Effective Zero-Trust Environment
Apple Users Warned By MetaMask Over Potential Phishing Attacks Via iCloud
Apr 10 – Apr 16 Ukraine – Russia the silent cyber conflict
Beanstalk DeFi platform loses $182 million in flash-load attack
Blue Earth County releases report on insider data breach that began in 2020
Can GitOps Improve Application Security?
Can you predict ransomware attacks before they happen?
CISA adds VMware, Chrome flaws to its Known Exploited Vulnerabilities Catalog
Currency.com Evades Russian DDoS Cyber Attack
Data Breach Update: Cytometry Specialists, Inc. d/b/a CSI Laboratories
Data Breaches: Current Open Lawsuits and Settlements
DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii
Escalation of Cybercrime-As-A-Service Has Major Ramifications
Here Are 5 Cloud Security Predictions for 2022
How Cloud-Based Solutions Might Mitigate EMR Security Risks
HowTo: Create a Cyber Maturity Strategy
It’s Time To Protect The Most Unprotected Part Of The Modern Workforce: Humans
New SolarMarker Malware Variant Using Updated Techniques to Stay Under the Radar
<