NEWS: Abril/Maio (02/05 - 08/05) - 18 Semana de 2021

08/05
“Bulletproof Hosting” Operators Pleaded Guilty in American Court - TechNadu
Cryptocurrency Scammers Have Hijacked Twitter Account of Argentinian Politician - TechNadu
Microsoft removes remaining Windows 10 Conexant update blocks - Bleeping Computer
Researchers Find 19 Petabytes of Data Exposed Online and Accessible by Anyone - TechNadu

07/05
19 petabytes of data exposed across 29,000+ unprotected databases - Security Affairs
Acting on a security risk assessment of your organization’s use of Salesforce - Help Net Security
Be a “dumbass”, like some of the world’s best cyber investigators - Help Net Security
Bot Attacks a Top Cybersecurity Concern - InfoSecurity
Build the ultimate cybersecurity résumé with this 24-course bundle - Bleeping Computer
Connecting the Bots – Hancitor fuels Cuba Ransomware Operations - Security Affairs
Consumer views and behaviors on creating and using passwords - Help Net Security
Cuba Ransomware partners with Hancitor for spam-fueled attacks - Bleeping Computer
Cybersecurity warning: Russian hackers are targeting these vulnerabilities, so patch now - ZDNet
DefakeHop: A deepfake detection method that tackles adversarial threat detection and recognition - Help Net Security
Google teams up with Stop Scams to tackle financial fraud in the UK - ZDNet
IRS secures order to serve Kraken with customer data request on cryptocurrency traders - ZDNet
Lawsuit Filed Over Contact Tracing Data Breach - InfoSecurity
Microsoft Warns About New BEC Campaign Making Money Through Gift Card Scams - TechNadu
New Stealthy Rootkit Infiltrated Networks of High-Profile Organizations - The Hacker News
New TsuNAME Flaw Could Let Attackers Take Down Authoritative DNS Servers - The Hacker News
New workloads are driving data protection modernization - Help Net Security
Possible attacks on the TCP/IP protocol stack and countermeasures - Security Affairs
Qualcomm chip vulnerability found in millions of Google, Samsung, and LG phones - ZDNet
Smart cities are a tempting target for cyberattacks, so it's time to secure them now - ZDNet
Suicide prevention body calls for gambling platform data-sharing practices to be reined in - ZDNet
The obvious and not-so-obvious data you wouldn’t want companies to have - Help Net Security
Three Marylanders Indicted Over BEC Scam - InfoSecurity
Well-Intended Hackers Broke Into Fermilab’s Network and Accessed Sensitive Data - TechNadu

06/05
A taste of the latest release of QakBot - Security Affairs
Best Practices for Securing Public Cloud Infrastructure - Security Boulevard
Bitglass Security Spotlight: Another Supply-Chain Attack, Microsoft Vulnerabilities, and More Data Breaches - Security Boulevard
ACIC believes there's no legitimate reason to use an encrypted communication platform - ZDNet
Chinese PLA Unit 61419 suspected to have purchased AVs for cyber-espionage - Security Affairs
Cisco fixes critical flaws in SD-WAN vManage and HyperFlex HX software - Security Affairs
Cloud native adoption increasing security concerns - Help Net Security
Creating an Effective Cybersecurity EO - Security Boulevard
Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software - The Hacker News
Dispelling four myths about automating PKI certificate lifecycle management - Help Net Security
Email security is a human issue - Help Net Security
New Qualcomm Chip Bug Could Let Hackers Spy On Android Devices - The Hacker News
New Spectre Flaws in Intel and AMD CPUs Affect Billions of Computers - The Hacker News
New York Considers Proposal for the Regulation of Cryptocurrency Mining - TechNadu
Passwords a Threat to Public Infrastructure - Security Boulevard
Qualcomm vulnerability impacts nearly 40% of all mobile phones - Bleeping Computer
Ransomware Attack Disrupts Scripps Health - Security Boulevard
Ransomware: There's been a big rise in double extortion attacks as gangs try out new tricks - ZDNet
Security researchers found 21 flaws in this widely used email server, so update immediately - ZDNet
The Evolution of Ransomware Attacks - Security Boulevard
What contractors should start to consider with the DoD’s CMMC compliance standards - Help Net Security

05/05
21 vulnerabilities found in Exim, update your instances ASAP! - Help Net Security
61% of cybersecurity teams are understaffed - Help Net Security
ALERT — New 21Nails Exim Bugs Expose Millions of Email Servers to Hacking - The Hacker News
Banking Trojan evolves from distribution through porn to phishing schemes - ZDNet
BIOS PrivEsc Bugs Affect Hundreds of Millions of Dell PCs Worldwide - The Hacker News
Defeating typosquatters: Staying ahead of phishing and digital fraud - Help Net Security
Enterprises Misplace Trust in Partners, Suppliers - Security Boulevard
Facebook bans Signal's attempt to run transparent Instagram ad campaign - ZDNet
Google Chrome: This new feature makes it tougher for hackers to attack Windows 10 PCs - ZDNet
How modern workflows can benefit from pentesting - Help Net Security
Is it OK to publish PoC exploits for vulnerabilities and patches? - Help Net Security
Justice Department seizes fake COVID-19 vaccine website stealing info from visitors - ZDNet
New Study Warns of Security Threats Linked to Recycled Phone Numbers - The Hacker News
Panda Stealer dropped in Excel files, spreads through Discord to steal user cryptocurrency - ZDNet
Pandemic accelerating need for insider risk management - Help Net Security
REvil ransomware to blame for UnitingCare Queensland's April attack - ZDNet
Social media feed simulator Fakey teaches users to recognize credible content - Help Net Security
Twitter kills 'Open for a surprise' tweets with new mobile feature - Bleeping Computer
UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware - Security Affairs

04/05
Apple fixes four zero-days under attack - Help Net Security
Critical Patch Out for Critical Pulse Secure VPN 0-Day Under Attack - The Hacker News
Data breaches spike - The Strait Times
Digital transformation investments a top priority for most CFOs - Help Net Security
Financial institutions experiencing jump in new pandemic-related threats - Help Net Security
Healthcare organizations implementing zero trust to tackle cyberattacks - Help Net Security
Kubestriker: A security auditing tool for Kubernetes clusters - Help Net Security
List of data breaches and cyber attacks in April 2021 – 1 billion records breached - IT Governance
Microsoft's new open-source tool could stop your AI from getting hacked - ZDNet
New FluBot Android Banking Trojan Spread Via SMS Phishing - LHN
New Pingback Malware Using ICMP Tunneling to Evade C&C Detection - The Hacker News
New Windows 'Pingback' malware uses ICMP for covert communication - Bleeping Computer
OSG did not tell privacy watchdog about recent data breach - Inquirer
OSG probes online data breach - Philstar Global
Problems installing iOS 14.5.1? Here's what you need to know - ZDNet
Pulse Secure Patches Critical Zero-Day Flaw - InfoSecurity
Ransomware targeting Asean SMEs drops - Bangkok Post
Secure your cloud: Remove the human vulnerabilities - Help Net Security
‘ShinyHunters’ Is Sharing the Entire WedMeGood Stolen Database for Free - TechNadu
Third Parties Caused Data Breaches at 51% of Organizations - InfoSecurity
Three new malware families found in global finance phishing campaign - ZDNet
U.S. Agency for Global Media data breach caused by a phishing attack - Bleeping Computer
Use longitudinal learning to reduce risky user behavior - Help Net Security
Users increasingly putting password security best practices into play - Help Net Security
Virgin Active SA Suffers Cyber-Attack - InfoSecurity

03/05
58% of orgs predict remote workers will expose them to data breach risk - Help Net Security
A Rust-based Buer Malware Variant Has Been Spotted in the Wild - The Hacker News
Apple fixes 2 iOS zero-day vulnerabilities actively used in attacks - Bleeping Computer
Apple Releases Urgent Security Patches For Zero‑Day Bugs Under Active Attacks - The Hacker News
Articulating DMARC as a key defence against phishing - ITWeb
Chinese hackers targeting Russian nuclear submarine design firm with PortDoor malware - Teiss
Contact Tracer Breach Hits the Keystone State - InfoSecurity
Cybersecurity control failures listed as top emerging risk - Help Net Security
Data breach alerts in S'pore up on new reporting rules, more cyber threats: Experts - The Straits Time
DDoS attackers stick to their target even if they are unsuccessful - Help Net Security
Deepfake Attacks Are About to Surge, Experts Warn - ThreatPost
DHS, White House turn spotlight on ransomware - GCN
eCommerce fraud losses to surpass $20 billion this year - Help Net Security
Eliminating man-in-the-middle attacks - Secure Link
Facebook, Google, Twitter caution Australia against a blanket terrorism content ban - ZDNet
Fresh Royal Mail scam warning issued to millions of Brits - Manchester Evening News
Gifford says vendor had data breach - Valley News
Hacker leaks 150 million user records from Iranian Raychat app - HackRead
Health care giant Scripps Health hit by ransomware attack - Bleeping Computer
Home Office Cybersecurity Best Practices - Los Angeles Business Journal
How do I select a DLP solution for my business? - Help Net Security
How organizations can optimize cloud spend - Help Net Security
Iran suspected of being behind ransomware attacks against Israeli organizations - Israel Defense
Large-Scale ‘Instacart’ Hacks Pushing Gig Workers in Despair - TechNadu
MITRE ATT&CK v9 is out and includes ATT&CK for Containers - Help Net Security
N3TW0RM ransomware emerges in wave of cyberattacks in Israel - Bleeping Computer
New Buer Malware Downloader Rewritten in E-Z Rust Language - ThreatPost
New Chinese Malware Targeted Russia's Largest Nuclear Submarine Designer - The Hacker News
Northern Cape municipality battles devastating ransomware attack - ITWeb
Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys - The Hacker News
Philippines Solicitor General data breach flagged by security firm - Channel Asia
PoC exploit released for Microsoft Exchange bug discovered by NASA - Bleeping Computer
Popular Turkish Software Site ‘Gezginler’ Appears to Have Been Breached - TechNadu
Pulse Secure fixes VPN zero-day used to hack high-value targets - Bleeping Computer
Ransomware Attack On Midwest Transplant Network Affects More Than 17,000 - KCUR
Ransomware shutdown continues to be a problem for Scripps Health - La Jolla Light
Researchers Uncover Iranian State-Sponsored Ransomware Operation - The Hacker News
Risk-based vulnerability management has produced demonstrable results - Help Net Security
Shlayer Malware Exploited macOS Zero-Day To Bypass Apple Security - LHN
Social Engineering: Watch Out for These Threats Against Cybersecurity Experts - Security Intelligence
Spike in data breaches sends firms scrambling for cybersecurity cover - Times Of India
These breached "Star Wars"-themed passwords need more than the force to save them - TechRepublic
Toronto reveals potential cyber breach - Insurance Business Magazine
TurgenSec finds 345,000 files from Filipino solicitor-general's office were breached - ZDNet

02/05
Bol.com mistakenly deposited € 750,000 into an oplic account - Cheraw Chronicle
Flash Loan Attack on Binance Smart Chain, $30 Million Stolen From Spartan Protocol Using BNB - CoinGape
Introducing COLT – Compromise To Leak Time - Vulnerability
New bogus Royal Mail text message being sent out by phishing fraudsters - Wales Online
Personal Data Of Illinois Residents May Have Been Exposed After Ransomware Attack - Effingham Radio