NEWS: Agosto (21/08 - 27/08) - 34 Semana de 2022
Cyber Security and Information Security News - Daily Updates !! Weekly Review
27/08
Canada: Conservatives call for release of report on massive Afghan immigration data breach
CISA: Prepare now for quantum computers, not when hackers use them
Cloud Applications are The Major Catalyst for Cyber-Attacks: Microsoft
Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center
Cryptocurrency Exchange Hacks In History: An Updated List 2022
Cyber insurance price hikes have left local governments reeling
Facebook agrees to settle Cambridge Analytica data breach lawsuit
Fake 'Cthulhu World' P2E project used to push info-stealing malware
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations
Palo Alto report reveals trends, recommendations on cybersecurity
Ransomware: Cyber Criminals Are Coming For The Global South
Scammers Made Deepfake AI Hologram of Binance Executive
Which Australian industries are most targeted by cyberattacks?
Your birthday is when you're most likely to be scammed - here's how to prevent it
26/08
A confusing data dump from Vice Society
Após ataque hacker, TJDFT retoma expediente regular na 2ª feira (29/8)
Atlassian Bitbucket Server vulnerable to critical RCE vulnerability
Barely one in 10 Canadians worried about cyber attacks and that concerns authorities
Bits ‘n Pieces (Trozos y Piezas)
Block Faces Class Action Suit After 2021 Breach
CISA: Action required now to prepare for quantum computing cyber threats
Cosmetics giant Sephora first to be fined for violating California’s Consumer Privacy Act
Cosmetics Giant Sephora to Pay $1m+ Privacy Settlement
Cyber-Attack Disrupts Public Services in Fremont County, Colorado
Cyber attack targets New Hampshire Lottery
Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework
DoorDash discloses new data breach tied to Twilio hackers
Facebook é condenado a indenizar internauta com perfil invadido por hacker
GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique
Hackers Breach LastPass Developer System to Steal Source Code
How complicated access management protocols have impacted cloud security
How fast is the financial industry fixing its software security flaws?
How to use confidential mode in Gmail to protect sensitive information
Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in Israel
Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access
Insurers May Not Cover ‘State-Sponsored’ Cyberattacks
IT leaders struggling to address identity sprawl
LastPass Breach Raises Disclosure Transparency Concerns
LastPass breach: Source code, proprietary tech info stolen
LastPass Hackers Stole Source Code
Microsoft: Iranian attackers are using Log4Shell to target organizations in Israel
Microsoft: Iranian hackers still exploiting Log4j bugs against Israel
Montenegro Accuses Russia of Cyber-Attacks on Govt Server
Montenegro reports massive Russian cyberattack against govt
Montenegro's state infrastructure hit by cyber attack -officials
New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks
New Hampshire Lottery website experiences cyberattack
0ktapus Phishing Campaign Targets Okta Identity Credentials
0ktapus phishing campaign: Twilio hackers targeted other 136 organizations
ParkMobile Can’t Escape Data Breach Class Action
San Diego American Indian Health Center: over 27,000 people are affected by data theft
TeamTNT Targeted Cloud Instances and Containerized Environments For Two Years
The Week in Ransomware - August 26th 2022 - Fighting back
This Week in Malware – 450 Packages and a Phishing Campaign Against PyPI Maintainers
Twilio breach let hackers gain access to Authy 2FA accounts
Why You Need a Third-Party Risk Management (TPRM) Program
25/08
Caught up in another password breach? Follow these 3 rules to protect yourself online
Chestermere Strathmore MLA cyber attacks being investigated
CIO Strategy Council wants to establish a national standard for cybersecurity workers
Conheça Peiter Zatko, o hacker que expôs os segredos do Twitter
GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones
Hackers abuse Genshin Impact anti-cheat system to disable antivirus
Hackers adopt Sliver toolkit as a Cobalt Strike alternative
HC3 Warns Healthcare Sector of Karakurt Ransomware Group
How CISOs can safeguard security in CI/CD environments
How to navigate payment regulations without compromising customer experience
KLAS Evaluates Healthcare Cybersecurity, Data Privacy Consulting Vendors
LastPass developer systems hacked to steal source code
Microsoft Attributes New Post-Compromise Capability to Nobelium
Microsoft: Russian hackers gain powerful 'MagicWeb' authentication bypass
Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows
Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers
NHS Cyber Attack, August 2022: What’s the Fallout?
Nobelium APT uses new Post-Compromise malware MagicWeb
Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations
0ktapus: Twilio, Cloudflare phishers targeted 130+ organizations
Organizations changing cyber strategy in response to nation-state attacks
Phishing PyPI users: Attackers compromise legitimate projects to push malware
PyPI packages hijacked after developers fall for phishing emails
PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks
Ransomware dominates the threat landscape
Researchers Uncover Kimusky Infra Targeting South Korean Politicians and Diplomats
Scammers Create 'AI Hologram' of C-Suite Crypto Exec
Security pros fret about stress and promotion over cyber attacks
Site Nota Carioca volta a funcionar após sofrer ataque hacker
Talos Renews Cybersecurity Support For Ukraine on Independence Day
Threat actors are using the Tox P2P messenger as C2 server
Twilio hackers hit over 130 orgs in massive Okta phishing attack
US Firm Pays $16m to Settle Healthcare Fraud Claims
U.S. Government Spending Billions on Cybersecurity
We need to think about ransomware differently
Workplace Stress Worse than Cyber-Attack Fears for Security Pros
24/08
5 Keys To Successful Least Privilege Policy Implementation
Advanced updates on healthcare ransomware attack
Air-Gapped Devices Can Send Covert Morse Signals via Network Card LEDs
Another hospital in Europe falls victim to a cyberattack. This time with a US$10m ransom
Atenção utilizadores de Android: Relatório da ESET aponta para crescimento de malware em apps
Avast disponibiliza Ransomware Shield para soluções de empresa
Avast Ransomware Shield Offers New Layer of Protection For Businesses In Light of Evolving Threats
Barracuda threat report reveals spike in ransomware to more than 1.2 million per month
Calcium Products, Inc. Confirms Recent Data Breach
California Age-Appropriate Design Code Act (ADCA) bill aims to increase children’s data privacy
California corrections says potential data breach affected staff, inmates
CISOs see little need for a point solution to cover ransomware risk
Cloud Range Introduces Cognitive Assessment to Improve Cybersecurity Hiring
Community Loan Servicing, LLC Files Notice of Data Breach
Compliance Into The Weeds - HanesBrands Cyber Security Breach Disclosure
Construction firms offered new cyber security guidance
Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)
Cyber Signals report highlights ransomware-as-a-service
Cyber Unit Announces Amalgamation with Techtone Merge to Become a Cyber Security Powerhouse
Digital transformation giant Orion Innovation hit by LockBit ransomware, hacker group claims
eCapital Corp. Announces June 2021 Data Breach in August 2022
Fake Chrome extension 'Internet Download Manager' has 200,000 installs
Fans heading to the World Cup in Qatar and firms involved in tournament warned about cybercrime risk
Finland scores highly for cybersecurity: Digital Nomads
Fort Wayne City Council Approves $5 Million For Cyber Security & Firefighter Breathing Equipment
Fremont County, Ohio, Extends Disaster After Cyber Attack
GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software
Google: An app that beeps when there is data breach
Greece's largest natural gas distributor suffers a Ragnar Locker ransomware attack
Grupos de ransomware Hive, LockBit e BlackCat atacam uma mesma rede consecutivamente
Hackers Using Fake DDoS Protection Pages to Distribute Malware
Hacking gang Monster uses a graphical interface to deploy its ransomware
Healthcare is Disproportionately Susceptible to Extortion
How ransomware attacks target specific industries
IoT Vulnerability Disclosures Up 57% in Six Months, Claroty Reveals
Iranian cyberespionage group uses new Hyperscrape tool to extract emails from victims’ mailboxes
Is security becoming a priority for DevOps teams?
Lionel Holdings, LLC Reports Data Breach After the Company Was Targeted in a Ransomware Attack
Lloyd's to exclude certain nation-state attacks from cyber insurance policies
LockBit ransomware group implicated in crippling attack on French hospital
Microsoft Active Directory as a Prime Target for Ransomware Operators
Mitigating Risk of Data Leaks in Investigations
Moon School District Suffers Cyber Attack
NCSC Shares Guidance to Help Secure Large Construction Projects
New ransomware HavanaCrypt poses as Google software update
Plex breached: Change your passwords now
Plex Data Breach Compromised Usernames, Emails & Passwords
Plex suffers data breach; third-party gains access to emails, usernames and more
Quantum ransomware attack disrupts govt agency in Dominican Republic
Ransomware-as-a-service industrializou cibercrime numa economia em ascensão com papéis bem definidos
Ransomware Surges to 1.2 Million Attacks Per Month
Sacramento-area college has its system hacked — again
Saudi Arabia to Stimulate Local Cyber-security Industry
Seis meses de guerra: Porque os ciberataques russos são pouco eficazes na invasão à Ucrânia?
The Ransomware Playbook Mistakes That Can Cost You Millions
Top 10 Cybersecurity Trends and Predictions to Look Out for in 2023
US Healthcare Sector Breaches 342m+ Records Since 2009
US, Israel sign deal to combat ransomware, protect critical financial infrastructure
US Orgs Have Suffered 5,000 Healthcare Data Breaches Since 2009
XCSSET malware authors devise new ways to target MacOS Monterey devices
WannaCry explained: A perfect ransomware storm
Why business email compromise still tops ransomware for total losses
Why Does Medical Imaging Equipment Need Better Cybersecurity?
23/08
7 open-source malware analysis tools you should try out
35 Apps de malware foram encontrados na Google Play Store
A closer look at identity crimes committed against individuals
Air-Gap Attack Exploits Gyroscope Ultrasonic Covert Channel to Leak Data
API security incidents occur at least once a month
CISA Adds Palo Alto Networks' PAN-OS Vulnerability to Catalog
Configuration Errors to Blame for 80% of Ransomware
Counterfeit Android Devices Revealed to Contain Backdoor Designed to Hack WhatsApp
CISA adds Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog
Counterfeit versions of popular mobile devices target WhatsApp and WhatsApp Business
Cyber attackers disrupt services at French hospital, demand $10 million ransom
DDoS attacks jump 203%, patriotic hacktivism surges