NEWS: Abril (18/04 - 24/04) - 16 Semana de 2021

24/04

5.6 Million Records That Appear to Belong to ‘Reverb’ Users Leaked Online - TechNadu

Click Studios ‘Passwordstate’ Compromised by Supply Chain Actors - TechNadu

Enterprises need to change passwords following ClickStudios, Passwordstate attack - ZDNet

HashiCorp is the latest victim of Codecov supply-chain attack - Bleeping Computer

Someone Claims to Have VPN Access to Chile’s State Bank - TechNadu

23/04

Apple’s Ransomware Mess Is the Future of Online Extortion - Wired

Bourbon confirms cyber attack - Splash 247

China could 'control the global operating system' of tech, warns UK spy chief - ZDNet

COVID-19 creates a boom in biometric adoption - Help Net Security

New QNAP NAS Flaws Exploited In Recent Ransomware Attacks - Patch It! - The Hacker News

Phishing impersonates global recruitment firm to push malware - Bleeping Computer

Prometei Botnet Exploiting Unpatched Microsoft Exchange Servers - The Hacker News

Ransomware is growing at an alarming rate, warns GCHQ chief - ZDNet

Ransomware's perfect target: Why one industry needs to improve cybersecurity, before it's too late - ZDNet

Security research project: The easiest way to get “experience” and land a job in cybersecurity - Help Net Security

Tech giants and cops at least agree thwarting terrorist or extremist activity is a joint effort - ZDNet

ToxicEye: Trojan abuses Telegram platform to steal your data - ZDNet

Transitioning to a SASE architecture - Help Net Security

Twitter accidentally sends suspicious emails asking to confirm accounts - Bleeping Computer

Twitter accidentally spams users asking them to confirm accounts - ZDNet

What IT leaders are prioritizing in network security investments? - Help Net Security

22/04

67% of IT pros concerned with teleworking endpoint misuse - Help Net Security

Best free PC antivirus software in 2021 - ZDNet

Botnet backdoors Microsoft Exchange servers, mines cryptocurrency - Bleeping Computer

Cloud Sniper: Manage and automate cloud security operations - Help Net Security

Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass - Help Net Security

Hackers Exploit VPN to Deploy SUPERNOVA malware on SolarWinds Orion - The Hacker News

How micro-segmentation creates an uphill battle for intruders - Help Net Security

Infosecurity transformation and building proactive mitigation strategies - Help Net Security

Malware and ransomware gangs have found this new way to cover their tracks - ZDNet

Now this botnet is hunting for unpatched Microsoft Exchange servers - ZDNet

IT security teams deal with unique challenges fueled by a remote workforce - Help Net Security

Monero-mining botnet targets orgs through recent MS Exchange vulnerabilities - Help Net Security

New US Justice Department team aims to disrupt ransomware operations - ZDNet

Outgunned CISOs navigate complex obstacles to keep rising attacks from turning into breaches - Help Net Security

Researchers Find Additional Infrastructure Used By SolarWinds Hackers - The Hacker News

ServiceNow launches unified agent platform, aims to meld diagnostics with incident automation - ZDNet

SolarWinds hack analysis reveals 56% boost in command server footprint - ZDNet

21/04

Attackers are exploiting zero-day in Pulse Secure VPNs to breach orgs (CVE-2021-22893) - Help Net Security

CISA orders federal orgs to mitigate Pulse Secure VPN bug by Friday - Bleeping Computer

Codecov breach impacted ‘hundreds’ of customer networks: report - ZDNet

Complexity and budgetary constraints complicate cloud security - Help Net Security

Cybersecurity only the tip of the iceberg for third-party risk management - Help Net Security

Easy-to-guess default device passwords are a step closer to being banned - ZDNet

Fraude em anúncio de smart TVs afeta um milhão de celulares Android - Olhar Digital

Google fixes exploited Chrome zero-day dropped on Twitter last week - Bleeping Computer

Hackers are targeting flaws in these VPN devices now. Here's what you need to do - ZDNet

Hackers found leveraging three SonicWall zero-day vulnerabilities - Help Net Security

How do I select an identity management solution for my business? - Help Net Security

Instagram debuts new tool to stop abusive message salvos made through new accounts - ZDNet

Linux bans University of Minnesota for committing malicious code - Bleeping Computer

Logins for 1.3 million Windows RDP servers collected from hacker market - Bleeping Computer

Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices - Bleeping Computer

Microsoft Autoruns is crashing when listing Windows 10 startups - Bleeping Computer

Most users don’t know the capabilities and risks of QR codes - Help Net Security

New Australian cyber package includes AU$37.5m Indo-Pacific investment - ZDNet

Rapid7 acquires open-source project Velociraptor - ZDNet

Securing vehicles from potential cybersecurity threats - Help Net Security

User ability to opt-out key in Google FLoC debacle - ZDNet

Zero-day vulnerabilities in SonicWall email security are being actively exploited - ZDNet

WhatsApp Pink malware can now auto-reply to your Signal, Telegram texts - Bleeping Computer

White House: Here's what we've learned from tackling the SolarWinds and Microsoft Exchange server cyber incidents - ZDNet

Windows 10 Task Manager now lets you throttle resource-hungry apps - Bleeping Computer

20/04

Approaching zero trust security strategically - Help Net Security

CISO’s guide to automating third-party cyber risk management - Help Net Security

Consumer data protection is a high priority, but there’s still work to be done - Help Net Security

Crooks stole driver’s license numbers from Geico auto insurer - Security Affairs

Employees don’t want to give up work flexibility after the pandemic is over - Help Net Security

Even though critical, web application security is getting less attention - Help Net Security

“eWhoring” Actors Are Making Money by Scamming Others Using Stolen Nudes - TechNadu

Facebook Messenger users targeted by a large-scale scam - Help Net Security

Is Facebook a “Party” to Capture of Offline Activity? - Security Focus

Latest Version of ‘Plantronics HUB’ Vulnerable to Privilege Escalation - TechNadu

Log Data is Not Effective as a Foundation for Prevention, Detection, Remediation or Analytics - Security Focus

Massive Scam Campaign Promoting Fake Facebook Messenger Updates - TechNadu

Monero Cryptominer Attack Exploits Exchange Server Flaw - Security Focus

Number of users of software-based facial recognition for payments to surge - Help Net Security

REvil gang tries to extort Apple, threatens to sell stolen blueprints - Bleeping Computer

The Effects of the Codecov Supply Chain Attack Begin to Unravel - TechNadu

WeChat users targeted by hackers using recently disclosed Chromium exploit - Security Affairs

WiFi Smart Air Fryer Could Be Set to Max Temp by Remote Actors - TechNadu

19/04

Babuk Has a “Message for Journalists” Meant to Intimidate Victims - TechNadu

Bad bot traffic reaching an all-time high over the past year - Help Net Security

Coding error allowed attackers to delete Facebook live video - ZDNet

COVID-19-themed cyberattack detections continue to surge - Help Net Security

Crooks made more than $560K with a simple clipboard hijacker - Security Affairs

Digital business requires a security-first mindset - Help Net Security

Everything you need to know about the Microsoft Exchange Server hack - ZDNet

Experts demonstrated how to hack a utility and take over a smart meter - Security Affairs

Five steps to get employees invested in security awareness training - Help Net Security

Geico data breach exposed customers' driver's license numbers - Bleeping Computer

Google Alerts continues to be a hotbed of scams and malware - Bleeping Computer

'High-level' organiser of FIN7 hacking group sentenced to ten years in prison - ZDNet

Improper cloud IAM leaving organizations at risk - Help Net Security

Leaked iPhone 13 Photograph Shows Smaller Notch - TechNadu

Malware That Spreads Via Xcode Projects Now Targeting Apple's M1-based Macs - The Hacker News

Mastercard buys digital identity firm Ekata for $850 million - ZDNet

Nitroransomware demands gift codes as ransom payments - Security Affairs

Passwordless: More Mirage Than Reality - The Hacker News

Payment transaction volume using 3-D Secure protocol grows globally - Help Net Security

Rogers is down: Canadian users report voice and data outages - Bleeping Computer

The FBI removed hacker backdoors from vulnerable Microsoft Exchange servers. Not everyone likes the idea - ZDNet

XCSSET malware now targets macOS 11 and M1-based Macs - Security Affairs

18/04

Discord Nitro gift codes now demanded as ransomware payments - Bleeping Computer

Facebook privacy breach - Lesson for Organisations to learn from this - Zee Business

Filipino-Korean cybercriminals, hackers busted in Angeles - Sun Star

Hackers are targeting Pakistani taxpayers with FBR emails containing harmful malware, warns FBR - Tech juice

Ireland’s Privacy Commission begins a large-scale data breach investigation on Facebook - Dividend Wealth

New modus operandi by fraudsters to withdraw money from ATMs - Mint

Phone House suffers a cyber attack: data from 3 million Spanish customers at stake | Technology - Explica CO

Students warned of data breach after cyberattack hits UC system - Digital Journal

Swinburne University's data breach hits over 5,000 individuals - The Times Of India

Thousands of queer men’s details stolen in cyber attack on gay dating site Manhunt - Pink News

What Is Logic Bomb Malware and How Can You Prevent It? - Make Use Of

NEWS: Abril (11/04 - 17/04) - 15 Semana de 2021