NEWS: Abril (24/04 - 30/04) - 17 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

30/04

Atlassian doubles the number of orgs affected by two week outage

CERT-In’s directions on reporting data breach will hold companies accountable: Experts

Check your cyberattack response steps before it becomes a concern

Cloud Migration is in Full Swing: How to Achieve Security at Every Stage of Adoption

Court Rejects Demand for “Corrective” Notice in Blackbaud Data Breach MDL

DDos cyberattack by pro-Russian cyber gang Killnet hit Romanian websites

Emotet tests new attack chain in low volume campaigns

Fake Windows 10 updates infect you with Magniber ransomware

Fourth Circuit Holds Statements About Importance of Data Security Not Actionable

How cyber security history repeats itself

How to unlock the cybersecurity potential of quantum computers

How two Palm Beach County hospitals used paper to cope with a cyber attack

Kaspersky shares 10 tips for safe online shopping

LA County Department of Mental Health Compromised by Phishing Attack

Martin Lewis Bitcoin scam: Met Police issue warning - what we know so far

Microsoft Azure flaws could allow accessing PostgreSQL DBs of other customers

Over 20,000 people’s data potentially compromised in phishing scam targeting Valley View Hospital

OWASP® Global AppSec US 2021 Virtual – Anna Lezhikova’s ‘How To Build A Security Mindset’

OWASP® Global AppSec US 2021 Virtual – Brian Glas’ ‘The How And Why Of The OWASP Top Ten 2021’

Pakistan: IT Security Board & National Telecom Notifies Federal Board of Revenue (FBR) of Possible Cyber Attack

Pro-Russian group Killnet launched DDoS attacks on Romanian govt sites

Russian attacks conspicuously focus on wind power operators

Trinidad and Tobago: 7 of 23 Massy Stores branches reopen day after cyber attack

29/04

4 Tips to Maximize Your API Security

308,000 exposed databases discovered, proper management is key

Anonymous hacked Russian PSCB Commercial Bank and companies in the energy sector

Austin Peay State University releases update on Ransomware Attack

Beware of new Black Basta ransomware! Here is what damage it can cause

Breast Cancer Charity Exposed Sensitive Images of U.S. Patients

Bumblebee Malware Loader Has a Sting in the Tail

Companies poorly prepared to meet CCPA, CPRA and GDPR compliance requirements

Corporations in South Africa protected against cyberthreats, but remote work adds more threats

Critical vulnerabilities open Synology, QNAP NAS devices to attack

Cyber Attacks Hit Romanian Government Websites

Cyberespionage APT Now Identified as Three Separate Actors

Data breach at US healthcare provider ARcare impacts 345,000 individuals

Data-wiper malware strains surge as Ukraine battles ongoing invasion

Eliminate the data packrat mentality

Expanding the Conti Ransomware IoCs Using WHOIS and IP Clues

Experts say BlackCat ransomware isn’t more of a problem than any other ransomware strain

Finnish Hotels' Data Compromised

FINRA Alerts BDs to Email Phishing Scams

Five Eyes Agencies List Top 15 Most Exploited Bugs of 2021

German wind farm operator confirms cybersecurity incident

Google Adds New Warning to Curb Phishing Scams

Hackers Claim Data Breach at Coca-Cola

Hard drives, equipment containing personal information stolen from L&I in Tukwila

Health Care Organizations Warned of Aggressive Ransomware Threat

Huge losses and cyber attack brought down modular construction firm

India gives local techies 60 days to hit 6-hour deadline for infosec incident reporting

India to require cybersecurity incident reporting within six hours

Is Voice-over-Internet Protocol (VoIP) Secure?

Leadership and recruitment changes needed to address burnout in cybersecurity

Los Angeles County Department of Mental Health Compromised by a Cyber Attack

Microsoft Documents Over 200 Cyberattacks by Russia Against Ukraine

Months after ransomware attack, New Mexico county adopts cybersecurity policy

North Korea’s Lazarus APT Is Targeting Blockchain Companies With Crypto-Stealer Malware

Online library app Onleihe faces issues after cyberattack on provider

Ransomware Defense Plans: Don't Stockpile Cryptocurrency

Recovery from Log4Shell vulnerability is ongoing with 77% of organizations still in patching mode

Responding to Risks From the Russia-Ukraine War

Russian Hackers Deploy Info-Stealing Malware Against Ukraine. Cyclonis Limited provides Key Steps to Protect Yourself Now!

Russian hacktivists launch DDoS attacks on Romanian govt sites

Secret School District Crypto Miner Resig

Security for 5G and the Intelligent Edge

Sharp increase in cyberattacks in TT, region

Smile Brands Updates Breach Information, 2.6M Affected

'Sophisticated' Ransomware Attack Hits Westchester Libraries

The Cybersecurity Risk No One Talks About—Until It’s Too Late

The Most Common Business Email Cyberattacks

This phishing campaign delivers malware that steals your passwords and chat logs

Three Ways To Explain Security Needs To CEOs

Trindad and Tobago: Cyber attack forces all 21 Branches of Massy Stores to suspend operations

Vulnerable plugins plague the CMS website security landscape

Your Personal Cybersecurity

28/04

1.2 Million Bad Apps Blocked From Reaching Google Play in 2021

78% increase in ransomware attacks in last year

80% of data breaches caused by lack of cyber security skills

Android security: We stopped billions of harmful app downloads, says Google

API Security is Necessary to Stop Threats that WAFs and Bot Protection Cannot

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

Austin Peay State University resumes after ransomware cyber attack

Bar Council and northern law firm Ward Hadaway hit by cyber attacks

Behind the Curtains of the Ransomware Economy – The Victims and the Cybercriminals

Canadian businesses scrambling to defend against cyberattacks uptick

Cloudflare has blocked one of the largest DDoS attacks of all time

Coca-Cola Investigates Potential Data Breach By Russian Hackers

Coca-Cola Investigating Claims that a Ransomware Gang Stole Sensitive Data

Constella Intelligence's 2022 Identity Breach Report Highlights Converging Risks to Consumers, Businesses, and the Public Sector Amidst Increased Attacks on Critical Infrastructure

Cybercriminals deliver IRS tax scams and phishing campaigns by mimicking government vendors

Cybercriminals Using New Malware Loader 'Bumblebee' in the Wild

Do you trust that file? Google will now warn you about suspicious files on the web

Double extortion Ransomware attacks have seen an exponential growth

Enhance cybersecurity posture by switching to a prevention-first approach

Experts Detail 3 Hacking Teams Working Under the Umbrella of TA410 Group

ExtraReplica: Microsoft patches cross-tenant bug in Azure PostgreSQL

Far-right France website probed after 'leak' of Muslim personal data

Four Comprehensive Cybersecurity Practices in the Age of Remote Work

Google blocked an alarming number of dangerous Android apps last year

Hackers have found a sneaky new way to infect Windows devices

How to build a culture of trust in a zero trust environment

How Training Employees About Ransomware Can Mitigate Cyber Risk

India's Critical Infrastructure Witnessed 70% Jump In Ransomware Attacks In 2021

Lapsus$ Hackers Breached T-Mobile Repeatedly and Downloaded Thousands of Source Code Repositories, Leaked Chats Show

Log4j flaw: Thousands of applications are still vulnerable, warn security researchers

Medical software firm fined €1.5M for leaking data of 490k patients

Microsoft: Russia Has Launched Hundreds of Cyber Operations in Ukraine

Microsoft was the most impersonated brand in phishing attacks in 2021

NAM data leak: Earthquake victims' data shared with Ministry

New Bumblebee malware replaces Conti's BazarLoader in cyberattacks

New RIG Exploit Kit Campaign Infecting Victims' PCs with RedLine Stealer

NPM flaw let attackers add anyone as maintainer to malicious packages

Portland Anesthesiology Practice Faces Lawsuit Over Data Breach

Post-pandemic priorities for security leaders

Ransom payment is roughly 15% of the total cost of ransomware attacks

Remote execution holes in Log4j, Exchange and Confluence lead Five Eyes 2021 exploited CVE list

Russian Hackers Are Targeting Europe's Renewable Energy Infrastructure

Security Alert as Researchers Discover 400,000 Exposed Databases

Scottish Environmental Protection Agency (SEPA) paid private PR and social media firms £170,000 after cyber attack

Solving data privacy challenges starts with people-centric security

Stormous Claims Credit for Ransomware Attack on Coca-Cola

The 15 most exploited vulnerabilities in 2021

This new phishing scam can steal your Facebook account

Ukraine targeted by DDoS attacks from compromised WordPress sites

Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack

We're all still making these ridiculous password mistakes

What Is Water Cybersecurity?

Why Security Must be the Focus of Modern Banking

27/04

6 Best Data Security Practices You Can Start Today

10 Security Technologies to Secure Remote Work

American Dental Association and Tenet Healthcare Recovering from Cyberattacks

Analyzing the Surprising Data from The State of Ransomware 2022 Report with Chet Wisniewski

Attackers' Median Dwell Time Drops to 3 Weeks

Below the surface: Group-IB identified 308,000 exposed databases in 2021

Bronze President spies on Russian targets as Ukraine invasion continues

Chinese Hackers Targeting Russian Military Personnel with Updated PlugX Malware

Chinese state-backed hackers now target Russian state officers

Cloudflare Thwarts Record DDoS Attack Peaking at 15 Million Requests Per Second

Coca-Cola Investigates Data Breach Claim

Cyber ​​attack apparently paralyzed wind turbines

Cyber-attack defense: CIS Benchmarks + CDM + MITRE ATT&CK

Cyber Skills Gap Linked to Breaches

Cybersecurity agencies reveal top exploited vulnerabilities of 2021

Cybersecurity incident disrupts operations at Tenet hospitals

Data loss and cyber crime in numbers

East Windsor still needs to address email hack

Emotet is Back From ‘Spring Break’ With New Nasty Tricks

Explaining Cloud Native Application Security

Four Crypto And Blockchain Phishing Scams To Be Aware Of Before You Get Excited About Web3

French hospitals cut internet connection after a data extortion

German banking scam could soon be used to target other countries

GitHub: How stolen OAuth tokens helped breach dozens of orgs

Google's New Safety Section Shows What Data Android Apps Collect About Users

Governments under attack must think defensively

How Emotet flooded Japanese inboxes

How to deal with security challenges fueled by multicloud environments

How to detect phishing images in emails

How To Upgrade the Insurance Industry’s Cybersecurity Posture

India sees 70% spike in ransomware attacks on critical infrastructure

Jornal Económico targeted by computer attack

Keep your digital banking safe: Tips for consumers and banks

Microsoft says Russia hit Ukraine with hundreds of cyberattacks

Millions of Java Apps Remain Vulnerable to Log4Shell

Multi-vector DDoS attacks on the rise, attackers indiscriminate and persistent

New Black Basta ransomware springs into action with a dozen breaches

New Nimbuspwn Linux vulnerability gives hackers root privileges

Nimbuspwn bugs allow attackers to gain root privileges on some Linux machines (CVE-2022-29799, CVE-2022-29800)

Nimbuspwn Linux Bugs Could Provide Root Access

Number of publicly exposed database instances hits new record

Parrot TDS poses immediate risk to web developers worldwide

Password Configuration – A Key Component to Cyber Security

Private Investigator Admits Role in Hedge Fund Hack

QNAP Advises to Mitigate Remote Hacking Flaws Until Patches are Available

Ransomware Attacks Surged to New Highs in 2021

Ransomware demands are growing, but life is getting tougher for malware gangs

RIG Exploit Kit drops RedLine malware via Internet Explorer bug

Russia Is Being Hacked at an Unprecedented Scale

Siloed technology management increases operational blind spots and cyber risk

SMBs Targeted in 80% of Ransomware Attacks

Smile Brands Breach Impacts 2.5 Million Individuals

State of Ransomware Report 2022: 66% Organizations Hit in 2021

Student grades stored in Greek education platform UniverSIS could be manipulated via SQLi

The Challenges of Hybrid Cloud Security Approaches

The hierarchy of cybersecurity needs: Why EASM is essential to any zero-trust architecture

UK Army Data Breach: What You Need to Know

UK Schools Can Sign-Up to Free Government-Grade Security

US Offers $10m for Russian NotPetya Sandworm Team

U.S. Offers $10 Million Bounty for Information on 6 Russian Military Hackers

WhatsApp issues urgent warning to two billion users to delete text now

Who tried to hack Hawaii’s undersea cable?

26/04

5 Data Security Challenges and How to Solve Them

65% of security leaders say they’ve experienced an increase in cyberattacks

Bank Account Hacking Protection: How to save financial accounts from hackers

Bored Ape Yacht Club Customers Lose $3m in NFT Scam

Bored Ape Yacht Club Instagram takeover sees around $3 million in NFTs sail away

Coca-Cola investigates hackers' claims of breach and data theft

Computer scam locks user's computer, instructs you to call Microsoft technical support

Cyber attack hits upscale Helsinki hotels affecting 15k customers

Cyber Conflict Overshadowed a Major Government Ransomware Alert

Cyber extortion debuts on list of top executive worries

Data Breach Disrupts UK Army Recruitment

Don't fall for this devious phishing scam, Facebook users warned

Email encryption flexibility builds customer trust and business revenue

Emotet Testing New Delivery Ideas After Microsoft Disables VBA Macros by Default

Emotet Tests New TTPs

FBI warns US farmers of a higher risk of ransomware attacks

Fraudsters answer security questions better than customers

French Hospitals Cut Internet Connection After Data Raid

Funky Pigeon still battling cyber incident

García de Orta Hospital targeted by a computer attack

Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak

Google and Mandiant Say Record Zero-Day Vulnerabilities Exploited in 2021

Hackers exploit critical VMware RCE flaw to install backdoors

Inside a ransomware incident: How a single mistake left a door open for attackers

Iranian Hacking Group Among Those Exploiting Recently Disclosed VMware RCE Flaw

Manage and monitor third-party identities to protect your organization

Massachusetts State Police Issue Alert For Phishing Scams That Claim To Be From US Marshals

Meteoric attack deploys Quantum ransomware in mere hours

North Korean Hackers Target Journalists with GOLDBACKDOOR Malware

Organizations face cybersecurity debt for not prioritizing cybersecurity

Pakistan’s leading bank comes under grip of cyberattacks

Principles for Kubernetes security and good hygiene

Public interest in Log4Shell fades but attack surface remains

Ransomware attacks cost universities over £2M per incident

Russian-affiliates believed to be behind cyber attacks on wind turbines firms

Russian-linked hackers says they've HACKED Coca-Cola: Stormous claims it has stolen financial data, passwords and accounts as they put it up for sale for $640,000 or 16 million Bitcoin

Security Teams Should Be Addressing Quantum Cyber-Threats Now

Shadow IT is a top concern related to SaaS adoption

Siloed Tech Prompts Security Worries

Solara Medical Supplies Faces $5M Proposed Settlement After Data Breach

State Bank of India (SBI) Warning For 45 Crore Customers: Don’t Pick Calls From These Numbers, You Can Be Robbed

The Emotet botnet is back, and it has some new tricks to spread malware

The Russia-Ukraine Conflict has Brought Cyberwarfare into the Mainstream

UK’s army recruitment system closed since March after data breach

Ward Hadaway blackmailed after cyber attack

Wawa sues payments giant Mastercard over data breach penalty

25/04

41% of businesses had an API security incident last year

Aeropost.com Asks Customers to Delete Credit Card Information Following Recent Data Breach

Automating Secure Coding Training

BlackCat Ransomware gang breached over 60 orgs worldwide

Brazil sees improvement in data breaches

Canadian businesses are fearful of cyberattacks

CISA adds 7 vulnerabilities to list of bugs exploited in attacks

Conti ransomware cripples systems of electricity manager in Costa Rican town

Costa Rica Refuses to Pay Cyber Ransom

Critical Bug in Everscale Wallet Could've Let Attackers Steal Cryptocurrencies

‘Crypto Bug of the Year’ Fixed — Update Java NOW

CSAM Creator Imprisoned for Life

Data Breach at Burkhart Dental Supply Compromises Sensitive Customer Data

Emotet malware infects users again after fixing broken installer

European Wind-Energy Sector Hit in Wave of Hacks

Experts warn of a surge in zero-day flaws observed and exploited in 2021

FBI seeing ransomware attacks on agriculture sector, warning farmers to protect themselves

FBI: This ransomware written in the Rust programming language has hit at least 60 targets

FCA: Challenger Banks Failing to Spot Money Launderers

French hospital group disconnects Internet after hackers steal data

Geopolitical tensions drive ransomware risks for business

Hack DHS: Homeland Security's first bug bounty turns up 122 vulnerabilities

How to avoid compliance leader burnout

How to ensure a cyber secure return to the office

How to protect against the weakest link in cybersecurity – THE USERS

Illinois gastroenterology group reveals data breach

Iran announced to have foiled massive cyberattacks on public services

Is cybersecurity talent shortage a myth?

Kansas Hospital Discloses Data Breach

Lapsus$ Hackers Stole T-Mobile’s Source Code and Systems Data

Mailchimp Data Breach Led to Stolen Crypto, Class Action Says

Medical device cybersecurity: What to expect in 2022?

More than 1B IoT attacks in 2021

Network attacks increased to a 3-year high

New BotenaGo Malware Variant Targeting Lilin Security Camera DVR Devices

New powerful Prynt Stealer malware sells for just $100 per month

North Korean hackers targeting journalists with novel malware

Phishing attacks soar, retail and wholesale most targeted

Prevent HEAT attacks to foil ransomware incidents

Prioritizing Security a Challenge for Dev Teams

Quantum ransomware seen deployed in rapid network attacks

Ransomware Attacks Cost Universities Over £2m

Spanish Ombudsman to Probe Pegasus Spyware Claims

T-Mobile breached in apparent Lapsus$ attack

T-Mobile hit by data breaches from Lapsus$ extortion group

This sneaky phishing attack tries to steal your Facebook password

Threat Actors Lurked on a Government Agency Network for 6 Months Before Deploying LockBit Ransomware

Trend Micro Unfurls Risk Intel Aggregator

Unified Government forced to postpone tax sale due to cyber attack

University College London (UCL) faced almost 60 million malicious email attacks at the start of this year

What Does a 5G Cyber-Attack Look Like?

What is Data Execution Prevention (DEP)?

Why healthcare data is the latest cyber battlefield

Yuma Regional Medical Center (YRMC) faces potential cyber attack

24/04

3 ways to increase cybersecurity while working remotely

Australia's overheated property market has become a target for hackers — and they're scamming millions

Can Your Printer Be Hacked?

Cyber threats to media companies are on the rise

Cyberattack Is Currently The Fastest Growing Crime Worldwide

FBI Warns of Targeted Cyberattacks on Food Plants Amid Heightened Coverage of Fires

Google, Mandiant say zero-day numbers reached all-time highs in 2021

Investigation launched as 2,000 health workers caught up in data breach

Lapsus$ stole T-Mobile's source code before member arrests in March

Managing Employee Cyber Risk is Essential For Your Business

Phone hacking is a child’s play; read how you can SECURE your device

Privilege Escalation Explained: Types, Cases, And Prevention

Ransomware attacks on farmers are timed to coincide with harvest season

Scam Alert: Fraudsters Pretend to Be Coinbase Customer Support to Steal Funds

Terra users lost more than $4 million in a phishing attack

The retail industry is at risk of more than 400% of phishing scams according to a new report

What Are Initial Access Brokers?

WhatsApp Tips and Tricks: Stop Hackers from Reading Your Messages

NEWS: Abril (17/04 - 23/04) - 16 Semana de 2022