NEWS: Agosto (14/08 - 20/08) - 33 Semana de 2022
Cyber Security and Information Security News - Daily Updates !! Weekly Review
20/08
Apple Alerts Users About Security Problems In Their Macs, iPads, And iPhones
Bangladesh: Government alerts IT infrastructures, key offices over DDoS cyber-attack
Department of Social Services warns of EBT phishing scheme
Flashpoint’s report shows data theft incidents take place frequently due to hacking
Google blocks world’s largest web DDoS cyber attack ever
How Secure Is Microsoft OneDrive?
How the banking and financial industries are gearing up against phishing
Iran Targets Members Of Advocacy Group On US Soil
Ransomware Group Threatens Security Firm Entrust to Leak stolen data by August 20 2022
Ransomware-as-a-Service: SaaS' Evil Twin
Researcher warns against iPhone Apps of Meta, Instagram, TikTok over data breach
Spanish Banking Trojan Attacks Various Industry Verticals
Watch out for new credit card scams
19/08
4 Common Automotive Cybersecurity Vulnerabilities
265 Brands Impersonated in Credential Phishing Attacks in the First Half of 2022
Alternatives to facial recognition authentication
Apple Warns of Critical Security Risk in Safari For iPhones, iPads and Macs
Ataque hacker: Prefeitura do Rio tem site temporário com informações para população
Brasseler USA Announces Data Breach
British utility providing water to 1.6mn consumers target of cyber crime
Businesses Found to Neglect Cybersecurity Until it is Too Late
CISA adds 7 vulnerabilities to list of bugs exploited by hackers
Critical Amazon Ring Vulnerability Could Expose Camera Recordings
Cyber-attack on WSI gains access to personal data of North Dakotans
Cyber Tops Staff Retention as Biggest Business Risk
Dangerous iPhone, iPad & Mac threat – Update devices now
Documento indica que ataque hacker ao TCE-PR foi grave e mostrou falta de segurança do sistema
DoNot Team Hackers Updated its Malware Toolkit with Improved Capabilities
Estonia Repels Biggest Cyber-Attack Since 2007
Exploiting stolen session cookies to bypass multi-factor authentication (MFA)
FBI prevents Nebraska hospital cyber attack
Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second
Google: Here's how we blocked the largest web DDoS attack ever
Google registra o maior ataque HTTPS DDoS da história
Grandoreiro banking malware targets manufacturers in Spain, Mexico
HC3 alerts to social engineering risk, rise in vishing attacks on healthcare
How A Hardware Crypto Wallet Protects Against Hackers
How to strengthen the human element of cybersecurity
iPhone Users Urged to Update to Patch 2 Zero-Days
LockBit Claims Entrust Ransomware Attack
Mailchimp data breach took down DigitalOcean's email services
Major city car dealership hit by huge data theft cyber attack
Most hopeless cyber attack ever still works
New Amazon Ring Vulnerability Could Have Exposed All Your Camera Recordings
Russian APT29 hackers abuse Azure services to hack Microsoft 365 users
Russian hackers plan to release data stolen from McKinney hospital onto dark web
Scammers extend phishing campaigns via IP range filtering to avoid detection
School Districts Share ‘Lesson Plan’ for Boosting Cybersecurity
Self-Driving Vehicles: A Serious Security Risk?
TikTok monitora o usuário do iOS fora do app, diz pesquisador
UK Carrier Claims to Block One Million Vishing Calls Per Day
18/08
A recently leaked data from 2021 Airtel's data breach, shows 18k people having same password
Aceitera General Dehezas discloses ransomware attack
Almost one million people affected by medical billing ransomware attack
Amazon fixes Ring Android app flaw exposing camera recordings
Android malware apps with 2 million installs found on Google Play
Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)
APT41 group: 4 malicious campaigns, 13 victims, new tools and techniques
ATMZOW JS Sniffer Campaign Linked to Hancitor Malware
Before paying a ransom, hacked companies should consider their ethics and values
Beyond Compliance: The New Mandate To Harden Government Software
BlackByte ransomware gang returns with new multitier ransom strategy
Business Email Compromise Attack Tactics
China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year
CISA and FBI Warn of Zeppelin Ransomware Threat to Healthcare Organizations
Con artists use Amazon’s name and confusing tactics to bypass company defenses
Data security as a layer in defense in depth against ransomware
Employees intentionally leaked data in 25% of healthcare breaches: study
Florida Orthopaedic Institute Reaches $4M Settlement Over Data Breach
FortiGuard Labs reports Ransomware variants almost double in six months
Fremont County, Colo., Offices Close After Cyber Attack
Google blocks largest HTTPS DDoS attack 'reported to date'
Google Play malware: If you've downloaded these malicious apps, delete them immediately
Hackers Deploy Bumblebee Loader to Breach Target Networks
Hackers Using Bumblebee Loader to Compromise Active Directory Services
ID documents and contact details exposed in Vodacom fibre reseller data breach
IoT: The huge cybersecurity blind spot that’s costing millions
iPay88 data breach: KiplePay offering free card replacements to affected customers
Know your phishing, from your vishing or smishing
LockBit claims ransomware attack on security giant Entrust
Mailchimp breach shines new light on digital identity, supply chain risk
Manx Care faces £170k fine over patient data breach
More than 5 million Twitter accounts impacted by recent data breach
Novant Health data breach exposes protected patient information
Palo Alto Networks’ Unit 42 Publishes 2022 Response Report
Penetration Testing or Vulnerability Scanning? What's the Difference?
PwC Survey Finds C-Level Execs View Cybersecurity as Biggest Risk
Quarter of All Gambling Sites Hit by DDoS Attacks in June
Ransomware attacks increase by 60%; FBI encourages safe cyber practices
Reasons Why Healthcare Industry is the Biggest Target for Cyber Attacks
Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware
SFERRA Fine Linens, LLC - Notice of Data Breach
Task Force Gives SMBs Blueprint to Defend Against Ransomware
The factors driving today’s accelerated zero trust adoption
Top 5 ransomware attacks that shock the world
Twilio data breach exposed the phone numbers of 1,900 Signal users
Use Microsoft OneDrive? Here’s a phishing attack you need to know about
WestJet app data breach reveals other people's personal information
17/08
35 malicious apps found on Google Play Store, installed by 2m users
A dozen PyPI packages turn Discord into an info-stealing backdoor
Apex Capital blames malware attack for ‘unplanned system outage’
Apple security updates fix 2 zero-days used to hack iPhones, Macs
Bug Bounty Giant Slams Quality of Vendor Patching
Calls for international support to fight ‘uncontrollable’ ransomware surge in developing countries
Cambridge Water targeted by criminals in cyber attack
CISA Warns of Hackers Exploiting Multiple Vulnerabilities in the Zimbra Collaboration Suite
Crypto hack losses top $2 billion as crime shifts amid market decline
Cybercriminals Developing BugDrop Malware to Bypass Android Security Features
DigitalOcean Leaves Mailchimp After Email Security Scare
Everything You Need to Know About the LockBit Ransomware Family
Google fixes fifth Chrome zero-day bug exploited this year
Hacker disrupts systems at Forsyth County medical office
Hacker exposes revenge posters
Hackers roubam US$ 6 milhões em skins de “CS:GO”
How attackers are exploiting corporate IoT
How Russian Information Operations Are Trying to Win the War
Identity Scams Soar to Make 2021 a Record Year
Incident of the Week: Signal users directly targeted in Twilio phishing attack
Incident response in the cloud can be simple if you are prepared
Kiplepay Cautions Users on Potential Data Breach Due to iPay88’s Incident
Malicious Browser Extensions Targeted Over a Million Users So Far This Year
Malware devs already bypassed Android 13's new security feature
Microsoft makes tamper protection for macOS endpoints widely available
Morrie’s Auto Group Confirms Data Breach Affecting Former Employees
New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild
North Korean hackers use signed macOS malware to target IT job seekers
Nurse responsible for major monkeypox data breach in Perth
Organizations Struggle to Fend Off Cloud and Web Attacks
PF apreende R$ 3 milhões em criptomoedas de hacker que derrubou o ConecteSUS em 2021
Ransomware is still on the rise. Here's what you need to do to stay safe from hackers
Researchers Link Multi-Year Mass Credential Theft Campaign to Chinese Hackers
Response-based attacks make up 41% of all email-based scams
RubyGems Mandates MFA for Top-100 Package Maintainers
Seaborgium targets sensitive industries in several countries
Spy group abuses Microsoft OneDrive to steal credentials in hack-and-leak campaigns
To Pay Or Not To Pay: Ransomware Negotiation Tactics
UK water company hit by cyber attack
Ukraine nuclear operator's website hit by cyber attack
USBs Still a Major OT Infection Vector
WA Health sorry over monkeypox data breach
WestJet customers report data breach, leaked personal information
What is challenging successful DevSecOps adoption?
16/08
5G traz novos riscos de insegurança digital, alerta cientista
1,900 Signal users exposed following Twilio breach
ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors
Após ataque hacker, datacenter da Prefeitura do Rio segue fora do ar
As Black Hat security conference turns 25, a lesson: security doesn’t have an end point
Ataque hacker tira do ar sistemas da prefeitura do Rio de Janeiro
BazarCall attack increasingly used by ransomware threat actors
Biden's three-headed cybersecurity team
Bipartisan legislation supports state and local cybersecurity
Breaking down silos and adopting a 'whole-of-state' cybersecurity approach
CISO salaries balloon, likely spurred by demand
Confused cyber criminals have hacked a water company in a bizarre case of mistaken identity
CS:GO trading site hacked to steal $6 million worth of skins
Cyber Sessions: No more hiding from cybersecurity
DEFCON: Electrovolt Exploits Against Electron Desktop Apps Exposed
DEFCON: How US Teen RickRolled His High School District
Defence gauging cyber security landscape for cyberspace warfare support
DigitalOcean customers affected by Mailchimp “security incident”
FBI, CISA warn of Zeppelin ransomware targeting healthcare
Google releases Android 13 with improved privacy and security features
Hacker cobrou resgate para devolver dados da ANP, que segue fora do ar
Hackers are finding ways around multi-factor authentication. Here's what to watch for
Hackers attack UK water supplier but extort wrong company
Healthcare Provider Issues Warning After Tracking Pixels Leak Patient Data
Honeywell Cybersecurity Research Reveals 52% of Cyber Threats Targeted at Removable Media
How aware are organizations of the importance of endpoint management security?
Malicious browser extensions targeted almost 7 million people
Matter protocol: Secure, reliable interoperability for smart home devices
Microsoft Disrupts Russian Cyber-Espionage Group Seaborgium
Microsoft Warns About Phishing Attacks by Russia-linked Hackers
New Attack Weaponizes PLCs to Hack Enterprise and OT Networks
New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks
New MailChimp breach exposed DigitalOcean customer email addresses
Overcoming the roadblocks to passwordless authentication
Pentagon put microgrid technology to the test at DEF CON, drawing on hackers' ingenuity
PF faz operação contra hackers que derrubaram ConecteSUS no ano passado
PF faz operação contra suspeitos de ataque hacker no Ministério da Saúde em 2021
Scammers are using this sneaky tactic to trick you into handing over bank details and passwords
Serviços on-line da Prefeitura do Rio afetados por ataque hacker permanecem fora do ar
Several Orgs Impacted by Email Security Breach at RCM Vendor
SolCyber combines foundational security with cyber insurance to offer cheaper premiums to SMBs
The Benefits of Making Password Strength More Transparent
Two Additional Malicious Python Libraries Found on PyPI Repository
Unified Threat Management: The All-in-One Cybersecurity Solution
Vulnerability wholesaler cuts disclosure times over poor-quality patches
Zero Trust Adoption Reaches Record-High in Healthcare
Zero trust adoption skyrockets, nearing universal adoption
Water Company Says Supply Safe After Ransom Group Claims
Why organizations should control Active Directory permissions
15/08
4 Reasons Why One Should Use A VPN
6.7 million Twitter accounts have been added to Have-I-been-Pwned
3,699 personal data breach reports since 2017, commonest through online purchases
A Guide to User Access Monitoring and Why it is Important
A tale of two breaches: Comparing Twilio and Slack’s responses
Argentina's Judiciary of Córdoba hit by PLAY ransomware attack
Australian researchers reveal surge in recruitment scams during pandemic
Back to School Means More Cyber Concerns
Callback phishing attacks see massive 625% growth since Q1 2021
Can biometrics help? 123% increase in Gen Zs scammed online
Cedar Rapids Schools Admit To Paying Cyber Attack Ransom
CohnReznick data breach class action settlement
Concerns as cyber criminals release more attacks in a week
Credential phishing attacks skyrocketing, 265 brands impersonated in H1 2022
Credential Theft Is (Still) A Top Attack Method
Critical Infrastructure at Risk as Thousands of VNC Instances Exposed
Cybersecurity as a service- A freedom movement to defeat cybercrime
Cybersecurity Has Never Been More Unstable Than It Is Now
DeathStalker mercenaries are attacking cryptocurrency and exchange companies with VileRat
Dutch authorities arrest 29-year-old dev with suspected ties to Tornado Cash
Facebook Scammers Stole Hundreds of Thousands of Dollars Posing as Luxury Restaurant Suppliers
Fighting the next war against scams
Five Simple Steps For Securing Your Small Business
Florida Orthopaedic Institute data breach $4M class action settlement
For stronger cybersecurity in the remote work era, just say ‘SASE’
HC3 Calls Attention to Cloud Security Concerns, Mitigation Tactics
Healthcare Sector Facing 69% Increase in Cyberattacks
How attackers are breaking into organizations
iPay88 now claims POS, QR and eWallet transactions not affected in its data breach
Is a ‘Bring Your Own Device’ policy threatening the security of your SME?
Kaspersky uncovers new attacks by advanced persistent threat group
Kiplepay alerts users to potential third-party data breach, investigations ongoing
Lawmakers want to know how the health sector is fighting ransomware
Lee County Emergency Medical Services notifies past customers of third-party security breach
Leverage a Human-Centric Cybersecurity Strategy Using Managed XDR
Luckymouse Uses Compromised MiMi Chat App to Target Windows and Linux Systems
Majority of business execs in SEA anticipate data theft, APT, ransomware attacks
Malicious PyPi packages aim DDoS attacks at Counter-Strike servers
Maryland Amendments to Data Security and Breach Notification Law
Microsoft disrupts Russian hackers' operation on NATO targets
Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack
Protecting data at intersection of zero trust and open source
Public school board recovers data after cyber attack
RansomHouse breaches 8 Italian municipalities in fresh wave of ransomware attacks
Ransomware is back, healthcare sector most targeted
Russian hackers target Ukraine with default Word template hijacker
Signal Reveals Over 1900 Users Were Affected in a Recent Phishing Attack
Six Ways Of Safeguarding Employee Workstations
Software Patches Flaw on macOS Could Let Hackers Bypass All Security Levels
SOVA Android Banking Trojan Returns With New Capabilities and Targets
Suspected Tornado Cash Developer Accused of Money Laundering
Tbilisi club target of cyber attack after launching "Russian visa"
Text Based MFA Shown to Have Numerous Security Issues
The dangers of using public wi-fi
The Power of Provenance: From Reactive to Proactive Cybersecurity
Thousands of VNC Instances Exposed to Internet as Attacks Increase
Three Extradited from UK to US on $5m BEC Charges
Twilio hack exposed Signal phone numbers of 1,900 users
Ukraine: IT Army Blocked Over 600 Russian Online Resources In 2 Weeks
Virtual Network Computing (VNC) instances exposed to Internet pose critical infrastructures at risk
Why 90% of employers want to add data privacy protection to their benefits
Why it’s past time we operationalized cybersecurity
Windows, Linux and macOS Users Targeted by Chinese Iron Tiger APT Group
14/08
Apple’s macOS was hacked by the Zoom installer
Hacker breached our network via employee Google account, says Cisco
Mexico and cybersecurity, is the country protected?
New Smartphone Threat Brings Ransomware To Android & Targets Gmail Cookies
Novant warns patients of data breach; 1.3 million notification letters mailed
Over 9,000 VNC servers exposed online without a password
US Treasury sanctions Tornado Cash for money laundering for hacking groups
Why Hackers Are Now Targeting Electric Car Charging Stations