NEWS: Agosto (14/08 - 20/08) - 33 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

20/08

Apple Alerts Users About Security Problems In Their Macs, iPads, And iPhones

Bangladesh: Government alerts IT infrastructures, key offices over DDoS cyber-attack

Carousell Scam Tricks Victims Into Clicking Phishing Links, Unauthorised Transactions Made From Bank Accounts

Department of Social Services warns of EBT phishing scheme

Flashpoint’s report shows data theft incidents take place frequently due to hacking

Google blocks world’s largest web DDoS cyber attack ever

How Secure Is Microsoft OneDrive?

How the banking and financial industries are gearing up against phishing

Iran Targets Members Of Advocacy Group On US Soil

Ransomware Group Threatens Security Firm Entrust to Leak stolen data by August 20 2022

Ransomware-as-a-Service: SaaS' Evil Twin

Researcher warns against iPhone Apps of Meta, Instagram, TikTok over data breach

Spanish Banking Trojan Attacks Various Industry Verticals

Watch out for new credit card scams

19/08

4 Common Automotive Cybersecurity Vulnerabilities

265 Brands Impersonated in Credential Phishing Attacks in the First Half of 2022

Alternatives to facial recognition authentication

Apple Warns of Critical Security Risk in Safari For iPhones, iPads and Macs

Ataque hacker: Prefeitura do Rio tem site temporário com informações para população

Brasseler USA Announces Data Breach

British utility providing water to 1.6mn consumers target of cyber crime

Businesses Found to Neglect Cybersecurity Until it is Too Late

CISA adds 7 vulnerabilities to list of bugs exploited by hackers

Critical Amazon Ring Vulnerability Could Expose Camera Recordings

Cyber-attack on WSI gains access to personal data of North Dakotans

Cyber Tops Staff Retention as Biggest Business Risk

Dangerous iPhone, iPad & Mac threat – Update devices now

Documento indica que ataque hacker ao TCE-PR foi grave e mostrou falta de segurança do sistema

DoNot Team Hackers Updated its Malware Toolkit with Improved Capabilities

Estonia Repels Biggest Cyber-Attack Since 2007

Exploiting stolen session cookies to bypass multi-factor authentication (MFA)

FBI prevents Nebraska hospital cyber attack

Global ransomware survey reveals one in three organisations see malicious insiders as a route for ransomware

Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second

Google: Here's how we blocked the largest web DDoS attack ever

Google registra o maior ataque HTTPS DDoS da história

Grandoreiro banking malware targets manufacturers in Spain, Mexico

HC3 alerts to social engineering risk, rise in vishing attacks on healthcare

How A Hardware Crypto Wallet Protects Against Hackers

How to strengthen the human element of cybersecurity

iPhone Users Urged to Update to Patch 2 Zero-Days

LockBit Claims Entrust Ransomware Attack

Mailchimp data breach took down DigitalOcean's email services

Major city car dealership hit by huge data theft cyber attack

Most hopeless cyber attack ever still works

New Amazon Ring Vulnerability Could Have Exposed All Your Camera Recordings

Russian APT29 hackers abuse Azure services to hack Microsoft 365 users

Russian hackers plan to release data stolen from McKinney hospital onto dark web

Scammers extend phishing campaigns via IP range filtering to avoid detection

School Districts Share ‘Lesson Plan’ for Boosting Cybersecurity

Self-Driving Vehicles: A Serious Security Risk?

TikTok monitora o usuário do iOS fora do app, diz pesquisador

UK Carrier Claims to Block One Million Vishing Calls Per Day

18/08

A recently leaked data from 2021 Airtel's data breach, shows 18k people having same password

Aceitera General Dehezas discloses ransomware attack

Almost one million people affected by medical billing ransomware attack

Amazon fixes Ring Android app flaw exposing camera recordings

Android malware apps with 2 million installs found on Google Play

Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)

APT41 group: 4 malicious campaigns, 13 victims, new tools and techniques

ATMZOW JS Sniffer Campaign Linked to Hancitor Malware

Before paying a ransom, hacked companies should consider their ethics and values

Beyond Compliance: The New Mandate To Harden Government Software

BlackByte ransomware gang returns with new multitier ransom strategy

Business Email Compromise Attack Tactics

China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year

CISA and FBI Warn of Zeppelin Ransomware Threat to Healthcare Organizations

Con artists use Amazon’s name and confusing tactics to bypass company defenses

Consumer Financial Protection Bureau (CFPB) Says Companies Violate Federal Law by Not Protecting Consumer Data

Data security as a layer in defense in depth against ransomware

Employees intentionally leaked data in 25% of healthcare breaches: study

Florida Orthopaedic Institute Reaches $4M Settlement Over Data Breach

FortiGuard Labs reports Ransomware variants almost double in six months

Fremont County, Colo., Offices Close After Cyber Attack

Google blocks largest HTTPS DDoS attack 'reported to date'

Google Play malware: If you've downloaded these malicious apps, delete them immediately

Hackers Deploy Bumblebee Loader to Breach Target Networks

Hackers Using Bumblebee Loader to Compromise Active Directory Services

ID documents and contact details exposed in Vodacom fibre reseller data breach

IoT: The huge cybersecurity blind spot that’s costing millions

iPay88 data breach: KiplePay offering free card replacements to affected customers

Know your phishing, from your vishing or smishing

LockBit claims ransomware attack on security giant Entrust

Mailchimp breach shines new light on digital identity, supply chain risk

Manx Care faces £170k fine over patient data breach

More than 5 million Twitter accounts impacted by recent data breach

Novant Health data breach exposes protected patient information

Palo Alto Networks’ Unit 42 Publishes 2022 Response Report

Penetration Testing or Vulnerability Scanning? What's the Difference?

PwC Survey Finds C-Level Execs View Cybersecurity as Biggest Risk

Quarter of All Gambling Sites Hit by DDoS Attacks in June

Ransomware attacks increase by 60%; FBI encourages safe cyber practices

Reasons Why Healthcare Industry is the Biggest Target for Cyber Attacks

Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware

SFERRA Fine Linens, LLC - Notice of Data Breach

Task Force Gives SMBs Blueprint to Defend Against Ransomware

The factors driving today’s accelerated zero trust adoption

Top 5 ransomware attacks that shock the world

Twilio data breach exposed the phone numbers of 1,900 Signal users

Use Microsoft OneDrive? Here’s a phishing attack you need to know about

WestJet app data breach reveals other people's personal information

Whitworth University urges patience after data breach, reported ransomware attack: ‘This process does take time’

17/08

35 malicious apps found on Google Play Store, installed by 2m users

A dozen PyPI packages turn Discord into an info-stealing backdoor

Apex Capital blames malware attack for ‘unplanned system outage’

Apple security updates fix 2 zero-days used to hack iPhones, Macs

Atlantic Dialysis Management Services, LLC Announces Data Breach Possibly Stemming from Ransomware Attack

Bug Bounty Giant Slams Quality of Vendor Patching

Calls for international support to fight ‘uncontrollable’ ransomware surge in developing countries

Cambridge Water targeted by criminals in cyber attack

CISA Warns of Hackers Exploiting Multiple Vulnerabilities in the Zimbra Collaboration Suite

Crypto hack losses top $2 billion as crime shifts amid market decline

Cyber Attack Shuts Down BRP

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

DigitalOcean Leaves Mailchimp After Email Security Scare

Everything You Need to Know About the LockBit Ransomware Family

Google fixes fifth Chrome zero-day bug exploited this year

Hacker disrupts systems at Forsyth County medical office

Hacker exposes revenge posters

Hackers na mira de Joe Biden: essa empresa está ‘roubando’ clientes da Microsoft e a ação pode ‘explodir’ graças a um acordo milionário com governo dos EUA

Hackers roubam US$ 6 milhões em skins de “CS:GO”

How attackers are exploiting corporate IoT

How Russian Information Operations Are Trying to Win the War

Identity Scams Soar to Make 2021 a Record Year

Incident of the Week: Signal users directly targeted in Twilio phishing attack

Incident response in the cloud can be simple if you are prepared

Kiplepay Cautions Users on Potential Data Breach Due to iPay88’s Incident

Malicious Browser Extensions Targeted Over a Million Users So Far This Year

Malware devs already bypassed Android 13's new security feature

Microsoft makes tamper protection for macOS endpoints widely available

Morrie’s Auto Group Confirms Data Breach Affecting Former Employees

MSPs and MSSPs Be Advised, New Ransomware Variants Have Nearly Doubled in Six Months, Fortinet reports

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

North Korean hackers use signed macOS malware to target IT job seekers

Nurse responsible for major monkeypox data breach in Perth

Organizations Struggle to Fend Off Cloud and Web Attacks

PF apreende R$ 3 milhões em ​criptomoedas de hacker que derrubou o ConecteSUS em 2021

Ransomware is still on the rise. Here's what you need to do to stay safe from hackers

Researchers Link Multi-Year Mass Credential Theft Campaign to Chinese Hackers

Response-based attacks make up 41% of all email-based scams

RubyGems Mandates MFA for Top-100 Package Maintainers

Seaborgium targets sensitive industries in several countries

Sistemas da Prefeitura do Rio chegam ao 3º dia fora do ar após ataque hacker; veja os serviços afetados

Spy group abuses Microsoft OneDrive to steal credentials in hack-and-leak campaigns

To Pay Or Not To Pay: Ransomware Negotiation Tactics

UK water company hit by cyber attack

Ukraine nuclear operator's website hit by cyber attack

USBs Still a Major OT Infection Vector

WA Health sorry over monkeypox data breach

WestJet customers report data breach, leaked personal information

What is challenging successful DevSecOps adoption?

16/08

5G traz novos riscos de insegurança digital, alerta cientista

1,900 Signal users exposed following Twilio breach

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

Após ataque hacker, datacenter da Prefeitura do Rio segue fora do ar

As Black Hat security conference turns 25, a lesson: security doesn’t have an end point

Ataque hacker tira do ar sistemas da prefeitura do Rio de Janeiro

BazarCall attack increasingly used by ransomware threat actors

Biden's three-headed cybersecurity team

Bipartisan legislation supports state and local cybersecurity

Breaking down silos and adopting a 'whole-of-state' cybersecurity approach

CISO salaries balloon, likely spurred by demand

Confused cyber criminals have hacked a water company in a bizarre case of mistaken identity

CS:GO trading site hacked to steal $6 million worth of skins

Cyber Sessions: No more hiding from cybersecurity

DEFCON: Electrovolt Exploits Against Electron Desktop Apps Exposed

DEFCON: How US Teen RickRolled His High School District

Defence gauging cyber security landscape for cyberspace warfare support

DigitalOcean customers affected by Mailchimp “security incident”

FBI, CISA warn of Zeppelin ransomware targeting healthcare

Google releases Android 13 with improved privacy and security features

Hacker cobrou resgate para devolver dados da ANP, que segue fora do ar

Hackers are finding ways around multi-factor authentication. Here's what to watch for

Hackers attack UK water supplier but extort wrong company

Healthcare Provider Issues Warning After Tracking Pixels Leak Patient Data

Honeywell Cybersecurity Research Reveals 52% of Cyber Threats Targeted at Removable Media

How aware are organizations of the importance of endpoint management security?

Malicious browser extensions targeted almost 7 million people

Matter protocol: Secure, reliable interoperability for smart home devices

Microsoft Disrupts Russian Cyber-Espionage Group Seaborgium

Microsoft Warns About Phishing Attacks by Russia-linked Hackers

New Attack Weaponizes PLCs to Hack Enterprise and OT Networks

New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks

New MailChimp breach exposed DigitalOcean customer email addresses

Overcoming the roadblocks to passwordless authentication

Pentagon put microgrid technology to the test at DEF CON, drawing on hackers' ingenuity

PF faz operação contra hackers que derrubaram ConecteSUS no ano passado

PF faz operação contra suspeitos de ataque hacker no Ministério da Saúde em 2021

Rising at 17.80% CAGR, Cyber Security in Healthcare Market Share to Reach USD 32.9 Billion, Globally by 2028: Comprehensive Research Report by Facts & Factors

Scammers are using this sneaky tactic to trick you into handing over bank details and passwords

Serviços on-line da Prefeitura do Rio afetados por ataque hacker permanecem fora do ar

Several Orgs Impacted by Email Security Breach at RCM Vendor

SolCyber combines foundational security with cyber insurance to offer cheaper premiums to SMBs

The Benefits of Making Password Strength More Transparent

Two Additional Malicious Python Libraries Found on PyPI Repository

Unified Threat Management: The All-in-One Cybersecurity Solution

Vulnerability wholesaler cuts disclosure times over poor-quality patches

Zero Trust Adoption Reaches Record-High in Healthcare

Zero trust adoption skyrockets, nearing universal adoption

Water Company Says Supply Safe After Ransom Group Claims

What Is Cybersecurity?

Why organizations should control Active Directory permissions

15/08

4 Reasons Why One Should Use A VPN

6.7 million Twitter accounts have been added to Have-I-been-Pwned

3,699 personal data breach reports since 2017, commonest through online purchases

A Guide to User Access Monitoring and Why it is Important

A tale of two breaches: Comparing Twilio and Slack’s responses

Argentina's Judiciary of Córdoba hit by PLAY ransomware attack

Australian researchers reveal surge in recruitment scams during pandemic

Back to School Means More Cyber Concerns

Callback phishing attacks see massive 625% growth since Q1 2021

Can biometrics help? 123% increase in Gen Zs scammed online

Cedar Rapids Schools Admit To Paying Cyber Attack Ransom

CohnReznick data breach class action settlement

Concerns as cyber criminals release more attacks in a week

Credential phishing attacks skyrocketing, 265 brands impersonated in H1 2022

Credential Theft Is (Still) A Top Attack Method

Critical Infrastructure at Risk as Thousands of VNC Instances Exposed

Cybersecurity as a service- A freedom movement to defeat cybercrime

Cybersecurity Has Never Been More Unstable Than It Is Now

DeathStalker mercenaries are attacking cryptocurrency and exchange companies with VileRat

Dutch authorities arrest 29-year-old dev with suspected ties to Tornado Cash

Facebook Scammers Stole Hundreds of Thousands of Dollars Posing as Luxury Restaurant Suppliers

Fighting the next war against scams

Five Simple Steps For Securing Your Small Business

Florida Orthopaedic Institute data breach $4M class action settlement

For stronger cybersecurity in the remote work era, just say ‘SASE’

HC3 Calls Attention to Cloud Security Concerns, Mitigation Tactics

Healthcare provider Novant issues data breach warning after site tracking pixels sent patients’ information to Meta servers

Healthcare Sector Facing 69% Increase in Cyberattacks

How attackers are breaking into organizations

iPay88 now claims POS, QR and eWallet transactions not affected in its data breach

Is a ‘Bring Your Own Device’ policy threatening the security of your SME?

Kaspersky uncovers new attacks by advanced persistent threat group

Kiplepay alerts users to potential third-party data breach, investigations ongoing

Lawmakers want to know how the health sector is fighting ransomware

Lee County Emergency Medical Services notifies past customers of third-party security breach

Leverage a Human-Centric Cybersecurity Strategy Using Managed XDR

Luckymouse Uses Compromised MiMi Chat App to Target Windows and Linux Systems

Majority of business execs in SEA anticipate data theft, APT, ransomware attacks

Malicious PyPi packages aim DDoS attacks at Counter-Strike servers

Maryland Amendments to Data Security and Breach Notification Law

Microsoft disrupts Russian hackers' operation on NATO targets

Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack

Protecting data at intersection of zero trust and open source

Public school board recovers data after cyber attack

RansomHouse breaches 8 Italian municipalities in fresh wave of ransomware attacks

Ransomware is back, healthcare sector most targeted

Russian hackers target Ukraine with default Word template hijacker

Signal Reveals Over 1900 Users Were Affected in a Recent Phishing Attack

Six Ways Of Safeguarding Employee Workstations

Software Patches Flaw on macOS Could Let Hackers Bypass All Security Levels

SOVA Android Banking Trojan Returns With New Capabilities and Targets

Suspected Tornado Cash Developer Accused of Money Laundering

Tbilisi club target of cyber attack after launching "Russian visa"

Text Based MFA Shown to Have Numerous Security Issues

The dangers of using public wi-fi

The Power of Provenance: From Reactive to Proactive Cybersecurity

Thousands of VNC Instances Exposed to Internet as Attacks Increase

Three Extradited from UK to US on $5m BEC Charges

Twilio hack exposed Signal phone numbers of 1,900 users

Ukraine: IT Army Blocked Over 600 Russian Online Resources In 2 Weeks

Virtual Network Computing (VNC) instances exposed to Internet pose critical infrastructures at risk

Why 90% of employers want to add data privacy protection to their benefits

Why it’s past time we operationalized cybersecurity

Windows, Linux and macOS Users Targeted by Chinese Iron Tiger APT Group

14/08

Apple’s macOS was hacked by the Zoom installer

Hacker breached our network via employee Google account, says Cisco

Mexico and cybersecurity, is the country protected?

New Smartphone Threat Brings Ransomware To Android & Targets Gmail Cookies

Novant warns patients of data breach; 1.3 million notification letters mailed

Over 9,000 VNC servers exposed online without a password

US Treasury sanctions Tornado Cash for money laundering for hacking groups

Why Hackers Are Now Targeting Electric Car Charging Stations

NEWS: Agosto (07/08 - 13/08) - 32 Semana de 2022