NEWS: April (24/04 - 30/04) - Week 17 of 2022
Cyber Security and Information Security News - Daily Updates!!

30/04
Atlassian doubles the number of orgs affected by two week outage
CERT-In’s directions on reporting data breach will hold companies accountable: Experts
Check your cyberattack response steps before it becomes a concern
Cloud Migration is in Full Swing: How to Achieve Security at Every Stage of Adoption
Court Rejects Demand for “Corrective” Notice in Blackbaud Data Breach MDL
DDoS cyberattack by pro-Russian cyber gang Killnet hit Romanian websites
Emotet tests new attack chain in low volume campaigns
Fake Windows 10 updates infect you with Magniber ransomware
Fourth Circuit Holds Statements About Importance of Data Security Not Actionable
How cyber security history repeats itself
How to unlock the cybersecurity potential of quantum computers
How two Palm Beach County hospitals used paper to cope with a cyber attack
Kaspersky shares 10 tips for safe online shopping
LA County Department of Mental Health Compromised by Phishing Attack
Martin Lewis Bitcoin scam: Met Police issue warning - what we know so far
Microsoft Azure flaws could allow accessing PostgreSQL DBs of other customers
Over 20,000 people’s data potentially compromised in phishing scam targeting Valley View Hospital
OWASP® Global AppSec US 2021 Virtual – Anna Lezhikova’s ‘How To Build A Security Mindset’
OWASP® Global AppSec US 2021 Virtual – Brian Glas’ ‘The How And Why Of The OWASP Top Ten 2021’
Pro-Russian group Killnet launched DDoS attacks on Romanian govt sites
Russian attacks conspicuously focus on wind power operators
Trinidad and Tobago: 7 of 23 Massy Stores branches reopen day after cyber attack

29/04
4 Tips to Maximize Your API Security
308,000 exposed databases discovered, proper management is key
Anonymous hacked Russian PSCB Commercial Bank and companies in the energy sector
Austin Peay State University releases update on Ransomware Attack
Beware of new Black Basta ransomware! Here is what damage it can cause
Breast Cancer Charity Exposed Sensitive Images of U.S. Patients
Bumblebee Malware Loader Has a Sting in the Tail
Companies poorly prepared to meet CCPA, CPRA and GDPR compliance requirements
Corporations in South Africa protected against cyberthreats, but remote work adds more threats
Critical vulnerabilities open Synology, QNAP NAS devices to attack
Cyber Attacks Hit Romanian Government Websites
Cyberespionage APT Now Identified as Three Separate Actors
Data breach at US healthcare provider ARcare impacts 345,000 individuals
Data-wiper malware strains surge as Ukraine battles ongoing invasion
Eliminate the data packrat mentality
Expanding the Conti Ransomware IoCs Using WHOIS and IP Clues
Experts say BlackCat ransomware isn’t more of a problem than any other ransomware strain
Finnish Hotels' Data Compromised
FINRA Alerts BDs to Email Phishing Scams
Five Eyes Agencies List Top 15 Most Exploited Bugs of 2021
German wind farm operator confirms cybersecurity incident
Google Adds New Warning to Curb Phishing Scams
Hackers Claim Data Breach at Coca-Cola
Hard drives, equipment containing personal information stolen from L&I in Tukwila
Health Care Organizations Warned of Aggressive Ransomware Threat
Huge losses and cyber attack brought down modular construction firm
India gives local techies 60 days to hit 6-hour deadline for infosec incident reporting
India to require cybersecurity incident reporting within six hours
Is Voice-over-Internet Protocol (VoIP) Secure?
Leadership and recruitment changes needed to address burnout in cybersecurity
Los Angeles County Department of Mental Health Compromised by a Cyber Attack
Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine
Months after ransomware attack, New Mexico county adopts cybersecurity policy
North Korea’s Lazarus APT Is Targeting Blockchain Companies With Crypto-Stealer Malware
Online library app Onleihe faces issues after cyberattack on provider
Ransomware Defense Plans: Don't Stockpile Cryptocurrency
Recovery from Log4Shell vulnerability is ongoing with 77% of organizations still in patching mode
Responding to Risks From the Russia-Ukraine War
Russian hacktivists launch DDoS attacks on Romanian govt sites
Secret School District Crypto Miner Resig
Security for 5G and the Intelligent Edge
Sharp increase in cyberattacks in TT, region
Smile Brands Updates Breach Information, 2.6M Affected
'Sophisticated' Ransomware Attack Hits Westchester Libraries
The Cybersecurity Risk No One Talks About—Until It’s Too Late
The Most Common Business Email Cyberattacks
This phishing campaign delivers malware that steals your passwords and chat logs
Three Ways To Explain Security Needs To CEOs
Trinidad and Tobago: Cyber attack forces all 21 Branches of Massy Stores to suspend operations
Vulnerable plugins plague the CMS website security landscape

28/04
1.2 Million Bad Apps Blocked From Reaching Google Play in 2021
78% increase in ransomware attacks in last year
80% of data breaches caused by lack of cyber security skills
Android security: We stopped billions of harmful app downloads, says Google
API Security is Necessary to Stop Threats that WAFs and Bot Protection Cannot
Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens
Austin Peay State University resumes after ransomware cyber attack
Bar Council and northern law firm Ward Hadaway hit by cyber attacks
Behind the Curtains of the Ransomware Economy – The Victims and the Cybercriminals
Canadian businesses scrambling to defend against cyberattacks uptick
Cloudflare has blocked one of the largest DDoS attacks of all time
Coca-Cola Investigates Potential Data Breach By Russian Hackers
Coca-Cola Investigating Claims that a Ransomware Gang Stole Sensitive Data
Cybercriminals deliver IRS tax scams and phishing campaigns by mimicking government vendors
Cybercriminals Using New Malware Loader 'Bumblebee' in the Wild
Do you trust that file? Google will now warn you about suspicious files on the web
Double extortion Ransomware attacks have seen an exponential growth
Enhance cybersecurity posture by switching to a prevention-first approach
Experts Detail 3 Hacking Teams Working Under the Umbrella of TA410 Group
ExtraReplica: Microsoft patches cross-tenant bug in Azure PostgreSQL
Far-right France website probed after 'leak' of Muslim personal data
Four Comprehensive Cybersecurity Practices in the Age of Remote Work
Google blocked an alarming number of dangerous Android apps last year
Hackers have found a sneaky new way to infect Windows devices
How to build a culture of trust in a zero trust environment
How Training Employees About Ransomware Can Mitigate Cyber Risk
India's Critical Infrastructure Witnessed 70% Jump In Ransomware Attacks In 2021
Log4j flaw: Thousands of applications are still vulnerable, warn security researchers
Medical software firm fined €1.5M for leaking data of 490k patients
Microsoft: Russia Has Launched Hundreds of Cyber Operations in Ukraine
Microsoft was the most impersonated brand in phishing attacks in 2021
NAM data leak: Earthquake victims' data shared with Ministry
New Bumblebee malware replaces Conti's BazarLoader in cyberattacks
New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer
NPM flaw let attackers add anyone as maintainer to malicious packages
Portland Anesthesiology Practice Faces Lawsuit Over Data Breach
Post-pandemic priorities for security leaders
Ransom payment is roughly 15% of the total cost of ransomware attacks
Remote execution holes in Log4j, Exchange and Confluence lead Five Eyes 2021 exploited CVE list
Russian Hackers Are Targeting Europe's Renewable Energy Infrastructure
Security Alert as Researchers Discover 400,000 Exposed Databases
Solving data privacy challenges starts with people-centric security
Stormous Claims Credit for Ransomware Attack on Coca-Cola
The 15 most exploited vulnerabilities in 2021
This new phishing scam can steal your Facebook account
Ukraine targeted by DDoS attacks from compromised WordPress sites
Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack
We're all still making these ridiculous password mistakes
Why Security Must be the Focus of Modern Banking

27/04
6 Best Data Security Practices You Can Start Today
10 Security Technologies to Secure Remote Work
American Dental Association and Tenet Healthcare Recovering from Cyberattacks
Analyzing the Surprising Data from The State of Ransomware 2022 Report with Chet Wisniewski
Attackers' Median Dwell Time Drops to 3 Weeks
Below the surface: Group-IB identified 308,000 exposed databases in 2021
Bronze President spies on Russian targets as Ukraine invasion continues
Chinese Hackers Targeting Russian Military Personnel with Updated PlugX Malware
Chinese state-backed hackers now target Russian state officers
Cloudflare Thwarts Record DDoS Attack Peaking at 15 Million Requests Per Second
Coca-Cola Investigates Data Breach Claim
Cyber attack apparently paralyzed wind turbines
Cyber-attack defense: CIS Benchmarks + CDM + MITRE ATT&CK
Cyber Skills Gap Linked to Breaches
Cybersecurity agencies reveal top exploited vulnerabilities of 2021
Cybersecurity incident disrupts operations at Tenet hospitals
Data loss and cyber crime in numbers
East Windsor still needs to address email hack
Emotet is Back From ‘Spring Break’ With New Nasty Tricks
Explaining Cloud Native Application Security
Four Crypto And Blockchain Phishing Scams To Be Aware Of Before You Get Excited About Web3
French hospitals cut internet connection after a data extortion
German banking scam could soon be used to target other countries
GitHub: How stolen OAuth tokens helped breach dozens of orgs
Google's New Safety Section Shows What Data Android Apps Collect About Users
Governments under attack must think defensively
How Emotet flooded Japanese inboxes
How to deal with security challenges fueled by multicloud environments
How to detect phishing images in emails
How To Upgrade the Insurance Industry’s Cybersecurity Posture
India sees 70% spike in ransomware attacks on critical infrastructure
Jornal Económico targeted by computer attack
Keep your digital banking safe: Tips for consumers and banks
Microsoft says Russia hit Ukraine with hundreds of cyberattacks
Millions of Java Apps Remain Vulnerable to Log4Shell
Multi-vector DDoS attacks on the rise, attackers indiscriminate and persistent
New Black Basta ransomware springs into action with a dozen breaches
New Nimbuspwn Linux vulnerability gives hackers root privileges
Nimbuspwn Linux Bugs Could Provide Root Access
Number of publicly exposed database instances hits new record
Parrot TDS poses immediate risk to web developers worldwide
Password Configuration – A Key Component to Cyber Security
Private Investigator Admits Role in Hedge Fund Hack
QNAP Advises to Mitigate Remote Hacking Flaws Until Patches are Available
Ransomware Attacks Surged to New Highs in 2021
Ransomware demands are growing, but life is getting tougher for malware gangs
RIG Exploit Kit drops RedLine malware via Internet Explorer bug
Russia Is Being Hacked at an Unprecedented Scale
Siloed technology management increases operational blind spots and cyber risk
SMBs Targeted in 80% of Ransomware Attacks
Smile Brands Breach Impacts 2.5 Million Individuals
State of Ransomware Report 2022: 66% Organizations Hit in 2021
Student grades stored in Greek education platform UniverSIS could be manipulated via SQLi
The Challenges of Hybrid Cloud Security Approaches
The hierarchy of cybersecurity needs: Why EASM is essential to any zero-trust architecture
UK Army Data Breach: What You Need to Know
UK Schools Can Sign-Up to Free Government-Grade Security
US Offers $10m for Russian NotPetya Sandworm Team
U.S. Offers $10 Million Bounty for Information on 6 Russian Military Hackers
WhatsApp issues urgent warning to two billion users to delete text now
Who tried to hack Hawaii’s undersea cable?

26/04
5 Data Security Challenges and How to Solve Them
65% of security leaders say they’ve experienced an increase in cyberattacks
Bank Account Hacking Protection: How to save financial accounts from hackers
Bored Ape Yacht Club Customers Lose $3m in NFT Scam
Bored Ape Yacht Club Instagram takeover sees around $3 million in NFTs sail away
Coca-Cola investigates hackers' claims of breach and data theft
Computer scam locks user's computer, instructs you to call Microsoft technical support
Cyber attack hits upscale Helsinki hotels affecting 15k customers
Cyber Conflict Overshadowed a Major Government Ransomware Alert
Cyber extortion debuts on list of top executive worries
Data Breach Disrupts UK Army Recruitment
Don't fall for this devious phishing scam, Facebook users warned
Email encryption flexibility builds customer trust and business revenue
Emotet Testing New Delivery Ideas After Microsoft Disables VBA Macros by Default
FBI warns US farmers of a higher risk of ransomware attacks
Fraudsters answer security questions better than customers
French Hospitals Cut Internet Connection After Data Raid
Funky Pigeon still battling cyber incident
García de Orta Hospital targeted by a computer attack
Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak
Google and Mandiant Say Record Zero-Day Vulnerabilities Exploited in 2021
Hackers exploit critical VMware RCE flaw to install backdoors
Inside a ransomware incident: How a single mistake left a door open for attackers
Iranian Hacking Group Among Those Exploiting Recently Disclosed VMware RCE Flaw
Manage and monitor third-party identities to protect your organization
Massachusetts State Police Issue Alert For Phishing Scams That Claim To Be From US Marshals
Meteoric attack deploys Quantum ransomware in mere hours
North Korean Hackers Target Journalists with GOLDBACKDOOR Malware
Organizations face cybersecurity debt for not prioritizing cybersecurity
Pakistan’s leading bank comes under grip of cyberattacks
Principles for Kubernetes security and good hygiene
Public interest in Log4Shell fades but attack surface remains
Ransomware attacks cost universities over £2M per incident
Russian-affiliates believed to be behind cyber attacks on wind turbines firms
Security Teams Should Be Addressing Quantum Cyber-Threats Now
Shadow IT is a top concern related to SaaS adoption
Siloed Tech Prompts Security Worries
Solara Medical Supplies Faces $5M Proposed Settlement After Data Breach
The Emotet botnet is back, and it has some new tricks to spread malware
The Russia-Ukraine Conflict has Brought Cyberwarfare into the Mainstream
UK’s army recruitment system closed since March after data breach
Ward Hadaway blackmailed after cyber attack
Wawa sues payments giant Mastercard over data breach penalty

25/04
41% of businesses had an API security incident last year
Aeropost.com Asks Customers to Delete Credit Card Information Following Recent Data Breach
Automating Secure Coding Training
BlackCat Ransomware gang breached over 60 orgs worldwide
Brazil sees improvement in data breaches
Canadian businesses are fearful of cyberattacks
CISA adds 7 vulnerabilities to list of bugs exploited in attacks
Conti ransomware cripples systems of electricity manager in Costa Rican town
Costa Rica Refuses to Pay Cyber Ransom
Critical Bug in Everscale Wallet Could've Let Attackers Steal Cryptocurrencies
‘Crypto Bug of the Year’ Fixed — Update Java NOW
CSAM Creator Imprisoned for Life
Data Breach at Burkhart Dental Supply Compromises Sensitive Customer Data
Emotet malware infects users again after fixing broken installer
European Wind-Energy Sector Hit in Wave of Hacks
Experts warn of a surge in zero-day flaws observed and exploited in 2021
FBI seeing ransomware attacks on agriculture sector, warning farmers to protect themselves
FBI: This ransomware written in the Rust programming language has hit at least 60 targets
FCA: Challenger Banks Failing to Spot Money Launderers
French hospital group disconnects Internet after hackers steal data
Geopolitical tensions drive ransomware risks for business
Hack DHS: Homeland Security's first bug bounty turns up 122 vulnerabilities