NEWS: Abril (18/04 - 24/04) - 16 Semana de 2021

24/04
5.6 Million Records That Appear to Belong to ‘Reverb’ Users Leaked Online - TechNadu
Click Studios ‘Passwordstate’ Compromised by Supply Chain Actors - TechNadu
Enterprises need to change passwords following ClickStudios, Passwordstate attack - ZDNet
HashiCorp is the latest victim of Codecov supply-chain attack - Bleeping Computer
Someone Claims to Have VPN Access to Chile’s State Bank - TechNadu

23/04
Apple’s Ransomware Mess Is the Future of Online Extortion - Wired
Bourbon confirms cyber attack - Splash 247
China could 'control the global operating system' of tech, warns UK spy chief - ZDNet
COVID-19 creates a boom in biometric adoption - Help Net Security
New QNAP NAS Flaws Exploited In Recent Ransomware Attacks - Patch It! - The Hacker News
Phishing impersonates global recruitment firm to push malware - Bleeping Computer
Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers - The Hacker News
Ransomware is growing at an alarming rate, warns GCHQ chief - ZDNet
Ransomware's perfect target: Why one industry needs to improve cybersecurity, before it's too late - ZDNet
Security research project: The easiest way to get “experience” and land a job in cybersecurity - Help Net Security
Tech giants and cops at least agree thwarting terrorist or extremist activity is a joint effort - ZDNet
ToxicEye: Trojan abuses Telegram platform to steal your data - ZDNet
Transitioning to a SASE architecture - Help Net Security
Twitter accidentally sends suspicious emails asking to confirm accounts - Bleeping Computer
Twitter accidentally spams users asking them to confirm accounts - ZDNet
What IT leaders are prioritizing in network security investments? - Help Net Security

22/04
67% of IT pros concerned with teleworking endpoint misuse - Help Net Security
Best free PC antivirus software in 2021 - ZDNet
Botnet backdoors Microsoft Exchange servers, mines cryptocurrency - Bleeping Computer
Cloud Sniper: Manage and automate cloud security operations - Help Net Security
Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass - Help Net Security
Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion - The Hacker News
How micro-segmentation creates an uphill battle for intruders - Help Net Security
Infosecurity transformation and building proactive mitigation strategies - Help Net Security
Malware and ransomware gangs have found this new way to cover their tracks - ZDNet
Now this botnet is hunting for unpatched Microsoft Exchange servers - ZDNet
IT security teams deal with unique challenges fueled by a remote workforce - Help Net Security
Monero-mining botnet targets orgs through recent MS Exchange vulnerabilities - Help Net Security
New US Justice Department team aims to disrupt ransomware operations - ZDNet
Outgunned CISOs navigate complex obstacles to keep rising attacks from turning into breaches - Help Net Security
Researchers Find Additional Infrastructure Used By SolarWinds Hackers - The Hacker News
ServiceNow launches unified agent platform, aims to meld diagnostics with incident automation - ZDNet
SolarWinds hack analysis reveals 56% boost in command server footprint - ZDNet

21/04
Attackers are exploiting zero-day in Pulse Secure VPNs to breach orgs (CVE-2021-22893) - Help Net Security
CISA orders federal orgs to mitigate Pulse Secure VPN bug by Friday - Bleeping Computer
Codecov breach impacted ‘hundreds’ of customer networks: report - ZDNet
Complexity and budgetary constraints complicate cloud security - Help Net Security
Cybersecurity only the tip of the iceberg for third-party risk management - Help Net Security
Easy-to-guess default device passwords are a step closer to being banned - ZDNet
Fraude em anúncio de smart TVs afeta um milhão de celulares Android - Olhar Digital
Google fixes exploited Chrome zero-day dropped on Twitter last week - Bleeping Computer
Hackers are targeting flaws in these VPN devices now. Here's what you need to do - ZDNet
Hackers found leveraging three SonicWall zero-day vulnerabilities - Help Net Security
How do I select an identity management solution for my business? - Help Net Security
Instagram debuts new tool to stop abusive message salvos made through new accounts - ZDNet
Linux bans University of Minnesota for committing malicious code - Bleeping Computer
Logins for 1.3 million Windows RDP servers collected from hacker market - Bleeping Computer
Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices - Bleeping Computer
Microsoft Autoruns is crashing when listing Windows 10 startups - Bleeping Computer
Most users don’t know the capabilities and risks of QR codes - Help Net Security
New Australian cyber package includes AU$37.5m Indo-Pacific investment - ZDNet
Rapid7 acquires open-source project Velociraptor - ZDNet
Securing vehicles from potential cybersecurity threats - Help Net Security
User ability to opt-out key in Google FLoC debacle - ZDNet
Zero-day vulnerabilities in SonicWall email security are being actively exploited - ZDNet
WhatsApp Pink malware can now auto-reply to your Signal, Telegram texts - Bleeping Computer
Windows 10 Task Manager now lets you throttle resource-hungry apps - Bleeping Computer

20/04
Approaching zero trust security strategically - Help Net Security
CISO’s guide to automating third-party cyber risk management - Help Net Security
Consumer data protection is a high priority, but there’s still work to be done - Help Net Security
Crooks stole driver’s license numbers from Geico auto insurer - Security Affairs
Employees don’t want to give up work flexibility after the pandemic is over - Help Net Security
Even though critical, web application security is getting less attention - Help Net Security
“eWhoring” Actors Are Making Money by Scamming Others Using Stolen Nudes - TechNadu
Facebook Messenger users targeted by a large-scale scam - Help Net Security
Is Facebook a “Party” to Capture of Offline Activity? - Security Focus
Latest Version of ‘Plantronics HUB’ Vulnerable to Privilege Escalation - TechNadu
Log Data is Not Effective as a Foundation for Prevention, Detection, Remediation or Analytics - Security Focus
Massive Scam Campaign Promoting Fake Facebook Messenger Updates - TechNadu
Monero Cryptominer Attack Exploits Exchange Server Flaw - Security Focus
Number of users of software-based facial recognition for payments to surge - Help Net Security
REvil gang tries to extort Apple, threatens to sell stolen blueprints - Bleeping Computer
The Effects of the Codecov Supply Chain Attack Begin to Unravel - TechNadu
WeChat users targeted by hackers using recently disclosed Chromium exploit - Security Affairs
WiFi Smart Air Fryer Could Be Set to Max Temp by Remote Actors - TechNadu

19/04
Babuk Has a “Message for Journalists” Meant to Intimidate Victims - TechNadu
Bad bot traffic reaching an all-time high over the past year - Help Net Security
Coding error allowed attackers to delete Facebook live video - ZDNet
COVID-19-themed cyberattack detections continue to surge - Help Net Security
Crooks made more than $560K with a simple clipboard hijacker - Security Affairs
Digital business requires a security-first mindset - Help Net Security
Everything you need to know about the Microsoft Exchange Server hack - ZDNet
Experts demonstrated how to hack a utility and take over a smart meter - Security Affairs
Five steps to get employees invested in security awareness training - Help Net Security
Geico data breach exposed customers' driver's license numbers - Bleeping Computer
Google Alerts continues to be a hotbed of scams and malware - Bleeping Computer
'High-level' organiser of FIN7 hacking group sentenced to ten years in prison - ZDNet
Improper cloud IAM leaving organizations at risk - Help Net Security
Leaked iPhone 13 Photograph Shows Smaller Notch - TechNadu
Malware That Spreads Via Xcode Projects Now Targeting Apple's M1-based Macs - The Hacker News
Mastercard buys digital identity firm Ekata for $850 million - ZDNet
Nitroransomware demands gift codes as ransom payments - Security Affairs
Passwordless: More Mirage Than Reality - The Hacker News
Payment transaction volume using 3-D Secure protocol grows globally - Help Net Security
Rogers is down: Canadian users report voice and data outages - Bleeping Computer
XCSSET malware now targets macOS 11 and M1-based Macs - Security Affairs

18/04
Discord Nitro gift codes now demanded as ransomware payments - Bleeping Computer
Facebook privacy breach - Lesson for Organisations to learn from this - Zee Business
Filipino-Korean cybercriminals, hackers busted in Angeles - Sun Star
Hackers are targeting Pakistani taxpayers with FBR emails containing harmful malware, warns FBR - Tech juice
Ireland’s Privacy Commission begins a large-scale data breach investigation on Facebook - Dividend Wealth
New modus operandi by fraudsters to withdraw money from ATMs - Mint
Phone House suffers a cyber attack: data from 3 million Spanish customers at stake | Technology - Explica CO
Students warned of data breach after cyberattack hits UC system - Digital Journal
Swinburne University's data breach hits over 5,000 individuals - The Times Of India
Thousands of queer men’s details stolen in cyber attack on gay dating site Manhunt - Pink News
What Is Logic Bomb Malware and How Can You Prevent It? - Make Use Of