NEWS: Agosto (01/08 - 07/08) - 31 Semana de 2021

Cyber Security and Information Security News !!! Daily Updates

07/08

A Batch of 1 Million Credit Cards Is Shared for Free on New Dark Web Carding Site - TechNadu

Actively exploited bug bypasses authentication on millions of routers - Bleeping Computer

Black Hat USA 2021: Who will sell my data to spammers? - Market Research Telecast

Egress Reports Astonishing Figures In Light Of Increased Phishing And Scam - Digital Information World

GIGABYTE Admits Falling Victim to a Ransomware Attack - TechNadu

Go, Rust "net" library affected by critical IP address validation vulnerability - Bleeping Computer

Hackers' attack manual may have been leaked online - NHK World Japan

How New Alliance of US Spooks & Big Tech Using 'Russia Bugaboo' to Amplify Surveillance Powers - Sputnik News

Infamous DarkSide ransomware reborn as new cyber threat: reports - Fox News

Pegasus Cyberweapon and the Threat on Smartphones - La Progressive

RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE - Security Affairs

So Your PayPal Account Has Been Limited | What Do You Do Now? - Invest Records

Spammers Are Tricking Victims Into Calling Scam Support Centers - TechNadu

The Financial Cost of Data Breaches Soars to 6 Year High With $4.24 Million Recorded Losses in 2021 - The Fintech Times

Three random words better than more complex passwords – GCHQ - Evening Standard

06/08

162,000 patients exposed in ransomware attack on Texas medical group - Becker's Health IT

Apple to Scan Every Device for Child Abuse Content — But Experts Fear for Privacy - The Hacker News

Black Hat: BadAlloc bugs expose millions of IoT devices to hijack - ZDNet

Black Hat: How cybersecurity incidents can become legal minefields - ZDNet

BlackMatter ransomware also targets VMware ESXi servers - Security Affairs

Can the public cloud become confidential? - Help Net Security

Closing the endpoint security gap within government - Open Access Government

Conti Leak Indicators – What to block, in your SOC…. - Security Affairs

Data Breach at University of Kentucky - InfoSecurity

Data Breaches Exposed 18 Billion Records In First Half Of 2021 - Tech Co

Demystifying cybersecurity with a more human-centric approach - Help Net Security

How real-time computing can sound the kill chain alarm - Help Net Security

Increasing speed of vulnerability scans ultimately increases security fixes overall - Help Net Security

India's Koo, a Twitter-like Service, Found Vulnerable to Critical Worm Attacks - The Hacker News

Insurance Giant ‘Transamerica Corporation’ Announces Data Breach - TechNadu

Malicious e-Books Can Result in Amazon Kindle Take-Overs - TechNadu

New Amazon Kindle Bug Could've Let Attackers Hijack Your eBook Reader - The Hacker News

Patch bypass flaw in Pulse Secure VPNs can lead to total compromise (CVE-2021-22937) - Help Net Security

Patch Bypass PoC for Pulse Connect Secure Calls for Emergency Update - TechNadu

Phishing Actors Still Abusing ‘Google Translate’ to Evade Detection - TechNadu

Self-Destructing Messages on Telegram May Be Permanently Stored in macOS - TechNadu

StarHub suffers data breach, but says no system was compromised - ZDNet

Tokyo Olympics Suffers a Fujitsu-Related Breach - Cyber Security Hub

VMware addresses critical flaws in its products - Security Affairs

VMware Issues Patches to Fix Critical Bugs Affecting Multiple Products - The Hacker News

Washington D.C. and Singapore top the list for 10 best cities for cybersecurity experts - ZDNet

05/08

A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service - The Hacker News

Audit finds some former WA government staff still have systems access after termination - ZDNet

Austrian Data Protection Authority Fines ‘Unser Ö-Bonus Club GmbH’ €2,000,000 - TechNadu

Blocked DDoS attack volumes up, tech, healthcare and finance most targeted - Help Net Security

CISA to partner with Amazon, Google, Microsoft, Verizon, AT&T and more for cyberdefense initiative - ZDNet

Cisco fixes critical, high severity vulnerabilities in VPN routers - Security Affairs

Cybercriminals are manipulating reality to reshape the modern threat landscape - Help Net Security

Cybercrime Ransomware 'Ban' is No Match for Threat Actors - InfoSecurity

Data breach is ‘taken seriously’ after patient file was found - Wex

Defunct marketing firm exposed 32GB worth of records, customers data - HackRead

Hackers target private computer systems of six Isle of Wight schools in server-crippling 'ransomware' attack, forcing one site to push back the start of the new term - Mail Online

How to build a zero-trust cloud data architecture - Help Net Security

How to Protect Your CRM Information from Security Threats - HackRead

Italian energy company ERG hit by LockBit 2.0 ransomware gang - Security Affairs

Looking to survive a ransomware attack - Professional Security

Microsoft Edge just got a 'Super Duper Secure Mode' upgrade - ZDNet

More than 12,500 vulnerabilities disclosed in first half of 2021: Risk Based Security - ZDNet

New PayPal Credential Phishing Scam Spotted - Softpedia News

PJCIS asks for Australia's 'hacking' Bill to gain judicial oversight and sunset clauses - ZDNet

Prometheus TDS: The $250 service behind recent malware attacks - Bleeping Computer

‘Prophet Spider’ Now Targeting Old Oracle WebLogic RCE Vulnerabilities - TechNadu

Ransom demands are getting larger and larger - IT Pro Portal

Ransomware – the growing cybersecurity scourge - Smart Energy International

Researchers turn the spotlight on the hidden workers of the cybercrime world - ZDNet

RIP guest access, long live shared channels! - Help Net Security

Salesforce Release Updates — A Cautionary Tale for Security Teams - The Hacker News

Schools and colleges on the Isle of Wight hit by ransomware - IT Pro

Security company warns of Mitsubishi industrial control vulnerabilities - ZDNet

South Korea to Step Up Support to Fight Ransomware Attacks - The Korea Bizwire

The destructive power of supply chain attacks and how to secure your code - Help Net Security

There's been a rise in stalkerware. And the tech abuse problem goes beyond smartphones - ZDNet

Unpatched Security Flaws Expose Mitsubishi Safety PLCs to Remote Attacks - The Hacker News

White House backs away from banning ransomware payments - Computing

White House cyber official says 'commitment' by ransomware gang suggests Biden's warnings are being heard - CNN Politics

With Double Extortion, We Can’t Outplay Ransomware So We Need To Outwit It - ITWire

04/08

A clever phishing campaign is targeting Office 365 users - Help Net Security

A New Set of ‘INFRA:HALT’ Vulnerabilities Is Coming for Your OT Devices - TechNadu

Advanced Technology Ventures discloses ransomware attack and data breach - Security Affairs

AWS S3 can be a security risk for your business - Help Net Security

Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms - ThreatPost

Demystifying the 18 Checks for Secure Scorecards - Security Boulevard

Energy group ERG reports minor disruptions after ransomware attack - ZDNet

Fresh ‘APT31’ Activity Surfaces, Including Russian Targets for the First Time Ever - TechNadu

Google's One Tap lets you sign into websites and apps without a password - ZDNet

Hackers target Kubernetes to steal data and processing power. Now the NSA has tips to protect yourself - ZDNet

Implications for ATE insurance after data breach ‘privacy’ claim struck out - Pinsent Masons

INFRA:HALT security bugs impact critical industrial control devices - Bleeping Computer

Moving toward a reality where breaches are not a given - Help Net Security

Multiple Chinese Hacking Groups Targeted Telecommunication Service Providers in Asia - TechNadu

New Chinese Spyware Being Used in Widespread Cyber Espionage Attacks - The Hacker News

New Cobalt Strike bugs allow takedown of attackers’ servers - Bleeping Computer

NSA and CISA share Kubernetes security recommendations - Bleeping Computer

Partners in Crime: How Ransomware Gangs Are Working Together - Security Boulevard

‘Raccoon Stealer’ Now Comes With a Crypto-Transaction Grabber and a Malware Dropper - TechNadu

Remote work and its lasting impact: What our global research uncovered - Security Boulevard

Report Finds Software Supply Chains Rife with Vulnerabilities - Security Boulevard

Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus - The Hacker News

Sanford Health target of attempted cyber attack - Inforum

Security BSides Athens 2021 – Talk 5: Y. Koukouras D. Tsikopoulos – maraki1982: ‘A Management Tool for OAuth2 Phishing’ - Security Boulevard

Security researchers warn of TCP/IP stack flaws in operational technology devices - ZDNet

Supply chain attacks expected to multiply by 4 in 2021 - Help Net Security

There’s a New “FatalRAT” in Town Using Telegram Channels to Move About - TechNadu

Vulnerable TCP/IP stack is used by almost 200 device vendors - Help Net Security

Waikato DHB wins injunction to stop Radio NZ using hacked data - Stuff

What is DataSecOps and why it matters - Help Net Security

Yet Another Massive Data Leak From a Marketing Company Exposes 126 Million U.S. Citizens - TechNadu

YouTube Scam Baiter Tricked by Revengeful Scammers to Delete His Own Channel - TechNadu

03/08

73% of orgs were victims of phishing attacks in the last year - Venture Beat

92% of pharmaceutical companies have at least one exposed database - Help Net Security

A Silicon Valley VC firm with $1.8B in assets was hit by ransomware - Tech Crunch

Auditor finds WA Police accessed SafeWA data 3 times and the app was flawed at launch - ZDNet

Chinese Hackers Target Major Southeast Asian Telecom Companies - The Hacker News

Constant review of third-party security critical as ransomware threat climbs - ZDNet

Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices - The Hacker News

DDoS attacks largely target the US and the computers and internet sectors - Tech Republic

DeadRinger: Chinese APTs strike major telecommunications companies - ZDNet

Google Cloud Security joins Exabeam-led cybersecurity alliance - ZDNet

Harris County Health Data Breach Exposes PHI of 26K - Health IT Security

Homewood Health confirms data breach hit - Business Canada

Insurance Broker Gallagher Sued Over Ransomware Attack - Claims Journal

Isle of Wight schools hit by ransomware attack - BBC News

Italian vaccination registration system down in apparent ransomware attack - NBC News

Loss of unencrypted disks behind National Lottery Community Fund data breach - ThirdSector

Nearly 3 in 4 Organizations Suffered Data Breaches Due to Phishing - NextGov

Olympic-themed passwords put people at risk - TechRepublic

Raccoon stealer-as-a-service will now try to grab your cryptocurrency - ZDNet

Ransom demands reaching $1.2M, smaller companies increasingly targeted - Help Net Security

Ransomware attacks skyrocketed in H1 2021 - Help Net Security

Ransomware is wreaking havoc in Hackney - Coda Story

Regulations against ransomware payment not ideal solution - ZDNet

SAP applications more vulnerable than users might think - Help Net Security

Save an extra 60% on these 10 top coding course bundles - Bleeping Computer

Supply chain attacks are getting worse, and you are not ready for them - ZDNet

The importance of compute lifecycle assurance in a zero-trust world - Help Net Security

With Crime-as-a-Service, anyone can be an attacker - Help Net Security

02/08

A digital shift requires a new approach to asset management: How to reduce security risks - Help Net Security

CISA launches US federal vulnerability disclosure platform - Help Net Security

Critical vulnerabilities may allow attackers to compromise hospitals’ pneumatic tube system - Help Net Security

Gamification can redefine the cybersecurity demo experience - Help Net Security

Google Chrome to no longer show secure website indicators - Bleeping Computer

Italy’s Lazio Region Hit by Ransomware Actors Who Crippled Vaccination Process - TechNadu

Navigating the 2021 threat landscape: Security operations, cybersecurity maturity - Help Net Security

New APT Hacking Group Targets Microsoft IIS Servers with ASP.NET Exploits - The Hacker News

Organizations still rely on weak security for remote workers - Help Net Security

PwnedPiper critical bug set impacts major hospitals in North America - Bleeping Computer

PwnedPiper PTS Security Flaws Threaten 80% of Hospitals in the U.S. - The Hacker News

PyPI Python Package Repository Patches Critical Supply Chain Flaw - The Hacker News

Ransomware operators love them: Key trends in the Initial Access Broker space - ZDNet

Scientists Prove Tricking Sophisticated Voice Authentication Systems Is Feasible - TechNadu

Solarmarker InfoStealer Malware Once Again Making its Way Into the Wild - The Hacker News

SolarWinds attackers breached email of US prosecutors, says Department of Justice - ZDNet

Stop ignore this iPhone warning - ZDNet

Zoom to pay $85m to set aside privacy violation and zoombombing allegations - ZDNet

01/08

Bot protection now generally available in Azure Web Application Firewall - Bleeping Computer

Calgary Parking Authority exposed sensitive data of residents - HackRead

Five Essential Ways To Prepare For A Future Ransomware Attack - Forbes

How to put a stop to Russia’s new form of organized crime - Telecom

Ransomware attacks hit record 300 million in 1st half of 2021: Report - The Tribune India

U.S. Government launches first business, community one-stop ransomware resource website - Corridor News

NEWS: Julho (25/07 - 31/07) - 30 Semana de 2021