NEWS: Agosto (15/08 - 21/08) - 33 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!!

21/08

A Complete Guide to Not Getting Hacked - Gizmodo

American Freight Notice of Data Breach - Big News Network

Camicado website is down after the hacker attack that killed Lojas Renner - Sprout Wired

China pushes through data protection law that applies cross-border - ZDNet

Experts warn that ransomware hackers can target the US supply chain - Bollyinside

Google Docs phishing scam warning as ‘worm’ that hacked more 1million accounts could strike again at ANY time - The Sun

Hackers stole more than 90 million U.S. dollars from Japan’s Liquid Crypto Exchange - Quebec News Tribune

Indian businesses suffer more cyber attacks with remote working - WeForNews

Kaspersky warns of voice phishing and other new hacking scams in Q2 2021 - Dividend Wealth

Microsoft Exchange servers being hacked by new LockFile ransomware - Bleeping Computer

More Than 600 ICS Flaws Spotted in H1 2021 - Softpedia News

New attacks from APT31 are targeting Russia, U.S, and Canada - Digital Journal

T-Mobile confirms fifth data breach in three years - Graham Cluley

20/08

637 flaws in industrial control system (ICS) products were published in H1 2021 - Security Affairs

A full return to the office is more likely once the pandemic ends - Help Net Security

Accenture struck by ransomware attack, claims “no impact” - Insurance Business

AT&T breach? ShinyHunters selling AT&T database with 70 million SSN - HackRead

AT&T denies data breach after hacker auctions 70 million user database - Bleeping Computer

Attackers rapidly adopting new techniques to target users - Help Net Security

Blackbaud Must Face CCPA Claims in Multi-district Class Action from Data Breach - JDSupra

Brazilian government discloses treasury ransomware attack - Digital Journal

Charter Communications Patents Tech to Detect and Ban Pirate Streaming Boxes - TechNadu

China aprova lei sobre dados pessoais na internet - G1 Economia

Cisco warns of Server Name Identification data exfiltration flaw in multiple products - Security Affairs

Cloudflare Handled a DDoS Attack That Spiked at 17.2 Million Requests per Second - TechNadu

Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps - The Hacker News

Cybercrime Group Asking Insiders for Help in Planting Ransomware - The Hacker News

Cybersecurity jobs: This is what we're getting wrong when hiring – and here's how to fix it - ZDNet

Data breach at Pine Labs exposes 500,000 records - The Hindu Business Line

Google Docs Scams Still Pose a Threat - Wired

Hackers steal nearly $100m in Japan crypto heist - BBC

HTTP DDoS attacks reach unprecedented 17 million requests per second - Bleeping Computer

Identify Critical Security Vulnerabilities With IAST - Security Boulevard

If encryption is so good at protecting data, why do so many businesses succumb to cyberattacks? - Help Net Security

‘Mozi’ Botnet Is Coming for Your Old and Unpatched Network Gateways - TechNadu

Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways - The Hacker News

NYC Teachers' Social Security Numbers Exposed - InfoSecurity Magazine

Ohio Denies Unemployment System Has Been Hacked Amid Hijacks - Government Technology

Pegasus iPhone hacks used as lure in extortion scheme - Bleeping Computer

Ransomware Groups Are Now Enticing Disgruntled Employees to Deploy the Payload - TechNadu

Social account thief goes to prison for stealing, trading nude photos - Bleeping Computer

St. Joseph’s/Candler Back Online After Ransomware Attack - Health IT Security

19/08

83 million devices using the Kalay protocol are at risk for remote takeover. Are yours? - TechRepublic

As hybrid working arrangements remain, employers must ensure their staff works safely - Help Net Security

Blackbaud Must Face CCPA Claims in Multidistrict Class Action from Data Breach - National Law Review

CISA shares guidance on how to prevent ransomware data breaches - Bleeping Computer

Cisco will not patch critical flaw CVE-2021-34730 in EoF routers - Security Affairs

Cisco won’t fix zero-day RCE vulnerability in end-of-life VPN routers - Bleeping Computer

Citizen Lab finds Apple's China censorship process bleeds into Hong Kong and Taiwan - ZDNet

Coin Ninja CEO Admits Operating Darknet Bitcoin Mixer - InfoSecurity Magazine

Data of more than 40 million exposed in T-Mobile breach - The Hindu Business Line

DEF CON 29 Main Stage – Mars Cheng’s & Selmon Yang’s ‘Taking Apart And Taking Over ICS & SCADA Ecosystems’ - Security Boulevard

Device complexity leaving schools at heightened risk of ransomware attacks - Help Net Security

Enterprises looking to cybersecurity providers to help protect IT systems - Help Net Security

FTC says scammers are impersonating FTC Chair Lina Khan in email phishing scheme - Consumer Affairs

Get an email about COVID stimulus from the FTC chair? It's a scam - CNet

Hackers can bypass Cisco security products in data theft attacks - Bleeping Computer

Half of APAC firms bypass processes to accommodate remote work - ZDNet

ICS vulnerabilities soared by ‘staggering’ 41% in early 2021 - Drives & Controls

IT Leaders: Nation State Campaigns Are Inspiring Cybercrime Attacks - InfoSecurity Magazine

JPMorgan Chase Notifies Customers of Data Breach - InfoSecurity Magazine

Kingston Police warn public of multi-layered Microsoft scam - Kingstonist

Liquid cryptocurency exchange loses over $90 million following hack - Bleeping Computer

Lojas Renner está fora do ar e confirma ataque de sequestro digital - Canal Tech

Memorial Health System progresses after attack - The Marietta Times

More Than 600K Patients Impacted by UNM Health Data Breach - Health IT Security

New unofficial Windows patch fixes more PetitPotam attack vectors - Bleeping Computer

NK-linked InkySquid APT leverages IE exploits in recent attacks - Security Affairs

Personal Info of Navalny Supporters Leaked and Police Already Visiting Exposed Individuals - TechNadu

Phishing attacks increase in H1 2021, sharp jump in crypto attacks - Help Net Security

Ransomware: This amateur attack shows how clueless criminals are trying to get in on the action - ZDNet

Renner confirma ataque. RansomExx reivindica autoria - CISO Advisor

Renner fica com site fora do ar, após sofrer ataque cibernético - InfoMoney

Renner sofre ataque de ransomware e sistemas ficam fora do ar - Exame

Researchers Find New Evidence Linking Diavol Ransomware to TrickBot Gang - The Hacker News

Scammers Have Become Aggressive With Identity Thefts - Digital Journal

Site das Lojas Renner sai do ar após ataque hacker - G1

South Africa Data Breach Costs Reached Record Highs During Pandemic – IT News Africa

St. Joseph’s/Candler health system contacting patients after ransomware attack - WTOC

The warning signs of burnout and how to deal with it - Help Net Security

Threat actors hacked US Census Bureau in 2020 by exploiting a Citrix flaw - Security Affairs

Threat actors stole $97 million from Liquid cryptocurency exchange - Security Affairs

Zero trust network access: A safe journey to a better employee experience - Help Net Security

You can post LinkedIn jobs as ANY employer — so can attackers - Bleeping Computer

18/08

Adopting Zero-Trust for API Security - Security Boulevard

Become a Google DevOps and blockchain expert with this $30 bundle - Bleeping Computer

CISA Urges Organizations to Patch Critical BlackBerry QNX Bug - InfoSecurity Magazine

Collaboration is the key to protecting critical national infrastructure - Help Net Security

Confucius APT Is Exploiting the “Pegasus” Spyware Worries to Trick Pakistanis - TechNadu

Critical Bug Could Allow Remote Snooping Via Millions of Devices - InfoSecurity

Cybersecurity is top priority for enterprises as they shift to digital-first operating models - Help Net Security

Diavol ransomware sample shows stronger connection to TrickBot gang - Bleeping Computer

Does a VPN Protect You from Hackers? - The Hacker News

GitHub pushes users to enable 2FA following end of password authentication for Git operations - ZDNet

Houdini malware returns, enterprise risk assessment compromised by Amazon Sidewalk - Help Net Security

How businesses use data might not be popular with the public - Help Net Security

How Much Cybersecurity Do You Need? - Security Boulevard

Iranian Hackers Target Several Israeli Organizations With Supply-Chain Attacks - The Hacker News

Japanese insurer Tokio Marine discloses ransomware attack - Bleeping Computer

Microsoft takes a stake in Rubrik to combat ransomware - ZDNet

Microsoft touts role in meeting Biden's order to fend off major hacks on the US - ZDNet

Mozilla, MacArthur and Ford foundations unite to oppose Facebook ban on NYU disinformation research - ZDNet

New Version of the ‘Neurevt’ Trojan Comes Bundled With Info-Stealers - TechNadu

NK Hackers Deploy Browser Exploits on South Korean Sites to Spread Malware - The Hacker News

Phishing Costs Surge to $15m Annually for US Organizations - InfoSecurity Magazine

T-Mobile data breach: New information uncovered by the investigation - Help Net Security

T-Mobile says hackers stole records belonging to 48.6 million individuals - Bleeping Computer

This ransomware has returned with new techniques to make attacks more effective - ZDNet

17/08

1.9 million+ records from the FBI’s terrorist watchlist available online - Security Affairs

4 Vulnerabilities in Realtek SDK Affect 200 Device Models From 65 Vendors - TechNadu

Brazilian National Treasury hit with ransomware attack - ZDNet

Chase bank accidentally leaked customer info to other customers - Bleeping Computer

Colonial Pipeline discloses data breach after May ransomware attack - Security Affairs

Colonial Pipeline Reportedly Admits Data Breach - InfoSecurity Magazine

Database Security Snafu Exposes America’s Secret Terrorist Watchlist - TechNadu

Digital fraud attempts on the rise: Gaming, travel and leisure most targeted - Help Net Security

ESG regulatory requirements present risk but also opportunities - Help Net Security

‘Grande Communications’ Sued by Movie Studios Coalition Over Failure to Stop Pirates - TechNadu

How building a world class SOC can alleviate security team burnout - Help Net Security

Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan - The Hacker News

Misconfigured Server Leaks US Terror Watchlist - InfoSecurity Magazine

MoD Invites Innovators to Reduce Military's Cyber-Attack Surface - InfoSecurity Magazine

Most organizations experienced at least one ransomware attack, multiple attacks very common - Help Net Security

NAS devices under attack: How to keep them safe? - Help Net Security

New Phishing Campaign Employs ‘Supreme Court Settlement Agreement’ Tactics - TechNadu

OCR Labs granted accreditation as first private 'trusted' government ID operator - ZDNet

Ransomware Attack Cripples Dozens of ‘Memorial Health System’ Hospitals - TechNadu

T-Mobile data breach: Industry reactions - Help Net Security

Where do we stand when it comes to multi-cloud maturity? - Help Net Security

16/08

65 vendors affected by severe vulnerabilities in Realtek chips - Help Net Security

Accenture published ransomware report after LockBit attack - CRN

AFP seeks upgrades to telco interception and surveillance device monitoring tool - ZDNet

Apple to tune CSAM system to keep one-in-a-trillion false positive deactivation threshold - ZDNet

Application Security Books For Your Bookshelf - Security Boulevard

Attackers Can Weaponize Firewalls and Middleboxes for Amplified DDoS Attacks - The Hacker News

Colonial Pipeline notifying 5,810 people whose PII and PHI were caught up in DarkSide breach - Data Breaches net

Colonial Pipeline reports data breach after May ransomware attack - Bleeping Computer

Colonial Pipeline sends breach letters to more than 5,000 after ransomware group accessed SSNs, more - ZDNet

Copyright scammers turn to phone numbers instead of web links - Naked Security by Sophos

Data breach at New York university potentially affects 47,000 citizens - The Daily Swig

DEFCON 29 Main Stage – Paz Hameiri’s ‘TEMPEST Radio Station’ - Security Boulevard

DEF CON 29 Main Stage – Rex Guo’s & Junyuan Zeng’s ‘Phantom Attack: Evading System Call Monitoring’ - Security Boulevard

Delivery Scams Most Prominent Form of Smishing - InfoSecurity Magazine

Demand for data is growing, but so are data supply chain challenges - Help Net Security

Dozens of STARTTLS Related Flaws Found Affecting Popular Email Clients - The Hacker News

Education giant Pearson fined $1M for downplaying data breach - Bleeping Computer

Especialista explica riscos de ataque de ransomware ao Tesouro Nacional - Olhar Digital

Even the US president wants zero trust: Here’s how to make it a reality - Help Net Security

Fake parcel delivery texts are the top SMS phishing scam - Your Money

GA: Memorial Health System experiences ransomware attack - Data Breaches net

Hackers behind Iranian wiper attacks linked to Syrian breaches - Bleeping Computer

Hacker invade rede interna do Tesouro Nacional; entenda o que houve - Jornal O Norte

Hacker Leaks Data of Ecuador’s Public Telco Stolen Last Month During a Ransomware Attack - TechNadu

Half of US Hospitals Shut Down Networks Due to Ransomware - InfoSecurity Magazine

Hive ransomware attacks Memorial Health System, steals patient data - Bleeping Computer

How to Detect Zero Day Attacks with an Analytics-Driven SIEM - Security Boulevard

How to foster collaboration with the IT team for a successful zero trust implementation - Help Net Security

Incredible Rise in Cyber Security Growth Rate! - Security Boulevard

'Jigsaw Puzzle' Phishing Attacks Use Morse Code to Hide - InfoSecurity Magazine

Malware dev infects own PC and data ends up on intel platform - Bleeping Computer

Microsoft 365: This new one-click button lets businesses report scam emails - ZDNet

Moorfields Eye Hospital investigating cyber attack on Dubai hospital, notifying patients - Data Breaches net

More than 5,000 pandemic-related phishing websites since the beginning of the pandemic identified - CIO

Most employees reusing personal passwords to protect corporate data - Help Net Security

New AdLoad Variant Bypasses Apple's Security Defenses to Target macOS Systems - The Hacker News

Operators of the ‘Legalizer’ Drugs Webstore Exposed by Anonymous Hacker - TechNadu

Ransomware attack didn't "structurally damage" Treasury Department - The Brazilian Report

Recent attacks on Iran were orchestrated by the Indra group - Security Affairs

Reliance on third party workers making companies more vulnerable to cyberattacks - Help Net Security

Secret terrorist watchlist with 2 million records exposed online - Bleeping Computer

SIM swap scammer pleads guilty to Instagram account hijacks, crypto theft - Bleeping Computer

SMEs awareness of GDPR is high, but few adhere to its legal requirements - Help Net Security

T-Mobile Leaks PII of ‘Every User’ in HUGE 100M+ Breach - Security Boulevard

T-Mobile says hackers accessed user data but won't confirm SSN breach of 100 million customers - ZDNet

T-Mobile Says It’s Investigating a Possible Data Breach Incident - TechNadu

US FINRA warns US brokerage firms and brokers of ongoing phishing attacks - Security Affairs

15/08

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad - Security Affairs

Beware of fake text messages posing as state agencies aiming to get your information - ABC7 Chicago

Bio firms raising alert over vaccine tech theft - Biz & Tech

Destination Maternity notifying 93,776 employees of hacking incident - Data Breaches net

Ford bug exposed customer and employee records from internal systems - Bleeping Computer

Hacker claims to steal data of 100 million T-mobile customers - Bleeping Computer

Hackers atacam sistema do Tesouro Nacional e PF é acionada, diz ministério - Folha de São Paulo

Hackers invadem sistema do Tesouro Nacional - Correio Braziliense

Over 1/3rd of firms experienced ransomware attack or breach globally - The Sentinel

Password Storage Best Practices - Forbes

Prevention is better than cure, even in the digital world - Tech HindustanTimes

Ransomware hackers hit 2 public wastewater plants in Maine - Data Breaches net

Sistema do Tesouro Nacional sofre ataque hacker - CNN Brasil

Tesouro Nacional sofre ataque hacker; governo aciona PF e avalia prejuízos... - UOL

The Research Foundation for the State University of New York notifying 46,734 of breach - Data Breaches net

Watch out for fraudulent QR codes - OA Online

Which? warning over DPD missed delivery phishing text scam - Dorset Echo

NEWS: Agosto (15/08 - 21/08) - 33 Semana de 2021