top of page

NEWS: Agosto (21/08 - 27/08) - 34 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

27/08


Canada: Conservatives call for release of report on massive Afghan immigration data breach


CISA: Prepare now for quantum computers, not when hackers use them


Cloud Applications are The Major Catalyst for Cyber-Attacks: Microsoft


Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center


Cryptocurrency Exchange Hacks In History: An Updated List 2022


Cyber insurance price hikes have left local governments reeling


Facebook agrees to settle Cambridge Analytica data breach lawsuit


Fake 'Cthulhu World' P2E project used to push info-stealing malware


Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations


Palo Alto report reveals trends, recommendations on cybersecurity


Ransomware: Cyber Criminals Are Coming For The Global South


Scammers Made Deepfake AI Hologram of Binance Executive


Which Australian industries are most targeted by cyberattacks?


Your birthday is when you're most likely to be scammed - here's how to prevent it


26/08


A confusing data dump from Vice Society


Após ataque hacker, TJDFT retoma expediente regular na 2ª feira (29/8)


Ataque hacker: Prefeitura do Rio prorroga prazos de serviços da Fazenda; sistema segue há 11 dias fora do ar


Atlassian Bitbucket Server vulnerable to critical RCE vulnerability


Barely one in 10 Canadians worried about cyber attacks and that concerns authorities


Bits ‘n Pieces (Trozos y Piezas)


Block Faces Class Action Suit After 2021 Breach


CISA: Action required now to prepare for quantum computing cyber threats


Cosmetics giant Sephora first to be fined for violating California’s Consumer Privacy Act


Cosmetics Giant Sephora to Pay $1m+ Privacy Settlement


Cyber-Attack Disrupts Public Services in Fremont County, Colorado


Cyber attack targets New Hampshire Lottery


Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework


DoorDash discloses new data breach tied to Twilio hackers


Facebook é condenado a indenizar internauta com perfil invadido por hacker


GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique


Hackers Breach LastPass Developer System to Steal Source Code


How complicated access management protocols have impacted cloud security


How fast is the financial industry fixing its software security flaws?


How to use confidential mode in Gmail to protect sensitive information


Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in Israel


Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access


Insurers May Not Cover ‘State-Sponsored’ Cyberattacks


IT leaders struggling to address identity sprawl


LastPass Breach Raises Disclosure Transparency Concerns


LastPass breach: Source code, proprietary tech info stolen


LastPass Hackers Stole Source Code


Microsoft: Iranian attackers are using Log4Shell to target organizations in Israel


Microsoft: Iranian hackers still exploiting Log4j bugs against Israel


Montenegro Accuses Russia of Cyber-Attacks on Govt Server


Montenegro reports massive Russian cyberattack against govt


Montenegro's state infrastructure hit by cyber attack -officials


New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks


New Hampshire Lottery website experiences cyberattack


0ktapus Phishing Campaign Targets Okta Identity Credentials


0ktapus phishing campaign: Twilio hackers targeted other 136 organizations


ParkMobile Can’t Escape Data Breach Class Action


Portuguese Airline Foils Cyber Attack, But Experts Warn Criminal Hackers Have The Aviation Industry in Their Sights


San Diego American Indian Health Center: over 27,000 people are affected by data theft


TeamTNT Targeted Cloud Instances and Containerized Environments For Two Years


The Week in Ransomware - August 26th 2022 - Fighting back


This Week in Malware – 450 Packages and a Phishing Campaign Against PyPI Maintainers


Twilio breach let hackers gain access to Authy 2FA accounts


Why You Need a Third-Party Risk Management (TPRM) Program


25/08


Caught up in another password breach? Follow these 3 rules to protect yourself online


Chestermere Strathmore MLA cyber attacks being investigated


CIO Strategy Council wants to establish a national standard for cybersecurity workers


Conheça Peiter Zatko, o hacker que expôs os segredos do Twitter


GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones


Hackers abuse Genshin Impact anti-cheat system to disable antivirus


Hackers adopt Sliver toolkit as a Cobalt Strike alternative


Hackers are attempting to steal millions of dollars from businesses by bypassing multi-factor authentication


HC3 Warns Healthcare Sector of Karakurt Ransomware Group


How CISOs can safeguard security in CI/CD environments


How to navigate payment regulations without compromising customer experience


KLAS Evaluates Healthcare Cybersecurity, Data Privacy Consulting Vendors


LastPass developer systems hacked to steal source code


Microsoft Attributes New Post-Compromise Capability to Nobelium


Microsoft: Russian hackers gain powerful 'MagicWeb' authentication bypass


Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows


Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers


NHS Cyber Attack, August 2022: What’s the Fallout?


Nobelium APT uses new Post-Compromise malware MagicWeb


Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations


0ktapus: Twilio, Cloudflare phishers targeted 130+ organizations


Organizations changing cyber strategy in response to nation-state attacks


Phishing PyPI users: Attackers compromise legitimate projects to push malware


PyPI packages hijacked after developers fall for phishing emails


PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks


Ransomware dominates the threat landscape


Researchers Uncover Kimusky Infra Targeting South Korean Politicians and Diplomats


Scammers Create 'AI Hologram' of C-Suite Crypto Exec


Security pros fret about stress and promotion over cyber attacks


Site Nota Carioca volta a funcionar após sofrer ataque hacker


Talos Renews Cybersecurity Support For Ukraine on Independence Day


Threat actors are using the Tox P2P messenger as C2 server


Twilio hackers hit over 130 orgs in massive Okta phishing attack


US Firm Pays $16m to Settle Healthcare Fraud Claims


U.S. Government Spending Billions on Cybersecurity


We need to think about ransomware differently


Workplace Stress Worse than Cyber-Attack Fears for Security Pros


24/08


5 Keys To Successful Least Privilege Policy Implementation


Advanced updates on healthcare ransomware attack


Air-Gapped Devices Can Send Covert Morse Signals via Network Card LEDs


Another hospital in Europe falls victim to a cyberattack. This time with a US$10m ransom


Atenção utilizadores de Android: Relatório da ESET aponta para crescimento de malware em apps


Avast disponibiliza Ransomware Shield para soluções de empresa


Avast Ransomware Shield Offers New Layer of Protection For Businesses In Light of Evolving Threats


Barracuda threat report reveals spike in ransomware to more than 1.2 million per month


Calcium Products, Inc. Confirms Recent Data Breach


California Age-Appropriate Design Code Act (ADCA) bill aims to increase children’s data privacy


California corrections says potential data breach affected staff, inmates


CISOs see little need for a point solution to cover ransomware risk


Cloud Range Introduces Cognitive Assessment to Improve Cybersecurity Hiring


Community Loan Servicing, LLC Files Notice of Data Breach


Compliance Into The Weeds - HanesBrands Cyber Security Breach Disclosure


Construction firms offered new cyber security guidance


Critical Insight Finds Attackers Shifting Focus to Smaller Hospital Systems and Specialty Clinics in H1 2022 Healthcare Data Breach Report


Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)


Cyber Signals report highlights ransomware-as-a-service


Cyber Unit Announces Amalgamation with Techtone Merge to Become a Cyber Security Powerhouse


Digital transformation giant Orion Innovation hit by LockBit ransomware, hacker group claims


eCapital Corp. Announces June 2021 Data Breach in August 2022


Fake Chrome extension 'Internet Download Manager' has 200,000 installs


Fans heading to the World Cup in Qatar and firms involved in tournament warned about cybercrime risk


Finland scores highly for cybersecurity: Digital Nomads


Fort Wayne City Council Approves $5 Million For Cyber Security & Firefighter Breathing Equipment


Fremont County, Ohio, Extends Disaster After Cyber Attack


GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software


Google: An app that beeps when there is data breach


Greece's largest natural gas distributor suffers a Ragnar Locker ransomware attack


Grupos de ransomware Hive, LockBit e BlackCat atacam uma mesma rede consecutivamente


Hackers are attempting to steal millions of dollars from businesses by bypassing multi-factor authentication


Hackers attack the Dominican Agrarian Institute (IAD); they ask for about US$600 thousand to return data


Hackers Using Fake DDoS Protection Pages to Distribute Malware


Hacking gang Monster uses a graphical interface to deploy its ransomware


Healthcare is Disproportionately Susceptible to Extortion


How ransomware attacks target specific industries


IoT Vulnerability Disclosures Up 57% in Six Months, Claroty Reveals


Iranian cyberespionage group uses new Hyperscrape tool to extract emails from victims’ mailboxes


Is security becoming a priority for DevOps teams?


Lionel Holdings, LLC Reports Data Breach After the Company Was Targeted in a Ransomware Attack


Lloyd's to exclude certain nation-state attacks from cyber insurance policies


LockBit ransomware group implicated in crippling attack on French hospital


Microsoft Active Directory as a Prime Target for Ransomware Operators


Mitigating Risk of Data Leaks in Investigations


Moon School District Suffers Cyber Attack


NCSC Shares Guidance to Help Secure Large Construction Projects


New ransomware HavanaCrypt poses as Google software update


Plex breached: Change your passwords now


Plex Data Breach Compromised Usernames, Emails & Passwords


Plex suffers data breach; third-party gains access to emails, usernames and more


Quantum ransomware attack disrupts govt agency in Dominican Republic


Ransomware-as-a-service industrializou cibercrime numa economia em ascensão com papéis bem definidos


Ransomware Surges to 1.2 Million Attacks Per Month


'Recuperei a maior parte dos fundos roubados da Nomad e tudo o que recebi foi esse NFT bobo', diz hacker white hat


Sacramento-area college has its system hacked — again


Saudi Arabia to Stimulate Local Cyber-security Industry


Seis meses de guerra: Porque os ciberataques russos são pouco eficazes na invasão à Ucrânia?


The Challenge of Shadow OT


The Ransomware Playbook Mistakes That Can Cost You Millions


Top 10 Cybersecurity Trends and Predictions to Look Out for in 2023


Twitter Dismisses Whistleblower's Claim Of Sensitive User Data Breach, Terms Allegation ‘False Narrative'


UK Water Supplier Suffered a Clop Ransomware Attack During Major Drought; Victim Initially Misidentified as UK’s Largest Water Utility


US Healthcare Sector Breaches 342m+ Records Since 2009


US, Israel sign deal to combat ransomware, protect critical financial infrastructure


US Orgs Have Suffered 5,000 Healthcare Data Breaches Since 2009


XCSSET malware authors devise new ways to target MacOS Monterey devices


WannaCry explained: A perfect ransomware storm


Why business email compromise still tops ransomware for total losses


Why Does Medical Imaging Equipment Need Better Cybersecurity?


23/08


7 open-source malware analysis tools you should try out


35 Apps de malware foram encontrados na Google Play Store


A closer look at identity crimes committed against individuals


Air-Gap Attack Exploits Gyroscope Ultrasonic Covert Channel to Leak Data


API security incidents occur at least once a month


CISA Adds Palo Alto Networks' PAN-OS Vulnerability to Catalog


Configuration Errors to Blame for 80% of Ransomware


Counterfeit Android Devices Revealed to Contain Backdoor Designed to Hack WhatsApp


CISA adds Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog


Counterfeit versions of popular mobile devices target WhatsApp and WhatsApp Business


Cyber attackers disrupt services at French hospital, demand $10 million ransom


DDoS attacks jump 203%, patriotic hacktivism surges