top of page

NEWS: Agosto (21/08 - 27/08) - 34 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review


Canada: Conservatives call for release of report on massive Afghan immigration data breach

CISA: Prepare now for quantum computers, not when hackers use them

Cloud Applications are The Major Catalyst for Cyber-Attacks: Microsoft

Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center

Cryptocurrency Exchange Hacks In History: An Updated List 2022

Cyber insurance price hikes have left local governments reeling

Facebook agrees to settle Cambridge Analytica data breach lawsuit

Fake 'Cthulhu World' P2E project used to push info-stealing malware

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

Palo Alto report reveals trends, recommendations on cybersecurity

Ransomware: Cyber Criminals Are Coming For The Global South

Scammers Made Deepfake AI Hologram of Binance Executive

Which Australian industries are most targeted by cyberattacks?

Your birthday is when you're most likely to be scammed - here's how to prevent it


A confusing data dump from Vice Society

Após ataque hacker, TJDFT retoma expediente regular na 2ª feira (29/8)

Ataque hacker: Prefeitura do Rio prorroga prazos de serviços da Fazenda; sistema segue há 11 dias fora do ar

Atlassian Bitbucket Server vulnerable to critical RCE vulnerability

Barely one in 10 Canadians worried about cyber attacks and that concerns authorities

Bits ‘n Pieces (Trozos y Piezas)

Block Faces Class Action Suit After 2021 Breach

CISA: Action required now to prepare for quantum computing cyber threats

Cosmetics giant Sephora first to be fined for violating California’s Consumer Privacy Act

Cosmetics Giant Sephora to Pay $1m+ Privacy Settlement

Cyber-Attack Disrupts Public Services in Fremont County, Colorado

Cyber attack targets New Hampshire Lottery

Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework

DoorDash discloses new data breach tied to Twilio hackers

Facebook é condenado a indenizar internauta com perfil invadido por hacker

GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique

Hackers Breach LastPass Developer System to Steal Source Code

How complicated access management protocols have impacted cloud security

How fast is the financial industry fixing its software security flaws?

How to use confidential mode in Gmail to protect sensitive information

Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in Israel

Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access

Insurers May Not Cover ‘State-Sponsored’ Cyberattacks

IT leaders struggling to address identity sprawl

LastPass Breach Raises Disclosure Transparency Concerns

LastPass breach: Source code, proprietary tech info stolen

LastPass Hackers Stole Source Code

Microsoft: Iranian attackers are using Log4Shell to target organizations in Israel

Microsoft: Iranian hackers still exploiting Log4j bugs against Israel

Montenegro Accuses Russia of Cyber-Attacks on Govt Server

Montenegro reports massive Russian cyberattack against govt

Montenegro's state infrastructure hit by cyber attack -officials

New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks

New Hampshire Lottery website experiences cyberattack

0ktapus Phishing Campaign Targets Okta Identity Credentials

0ktapus phishing campaign: Twilio hackers targeted other 136 organizations

ParkMobile Can’t Escape Data Breach Class Action

Portuguese Airline Foils Cyber Attack, But Experts Warn Criminal Hackers Have The Aviation Industry in Their Sights

San Diego American Indian Health Center: over 27,000 people are affected by data theft

TeamTNT Targeted Cloud Instances and Containerized Environments For Two Years

The Week in Ransomware - August 26th 2022 - Fighting back

This Week in Malware – 450 Packages and a Phishing Campaign Against PyPI Maintainers

Twilio breach let hackers gain access to Authy 2FA accounts

Why You Need a Third-Party Risk Management (TPRM) Program


Caught up in another password breach? Follow these 3 rules to protect yourself online

Chestermere Strathmore MLA cyber attacks being investigated

CIO Strategy Council wants to establish a national standard for cybersecurity workers

Conheça Peiter Zatko, o hacker que expôs os segredos do Twitter

GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones

Hackers abuse Genshin Impact anti-cheat system to disable antivirus

Hackers adopt Sliver toolkit as a Cobalt Strike alternative

Hackers are attempting to steal millions of dollars from businesses by bypassing multi-factor authentication

HC3 Warns Healthcare Sector of Karakurt Ransomware Group

How CISOs can safeguard security in CI/CD environments

How to navigate payment regulations without compromising customer experience

KLAS Evaluates Healthcare Cybersecurity, Data Privacy Consulting Vendors

LastPass developer systems hacked to steal source code

Microsoft Attributes New Post-Compromise Capability to Nobelium

Microsoft: Russian hackers gain powerful 'MagicWeb' authentication bypass

Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows

Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers

NHS Cyber Attack, August 2022: What’s the Fallout?

Nobelium APT uses new Post-Compromise malware MagicWeb

Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations

0ktapus: Twilio, Cloudflare phishers targeted 130+ organizations

Organizations changing cyber strategy in response to nation-state attacks

Phishing PyPI users: Attackers compromise legitimate projects to push malware

PyPI packages hijacked after developers fall for phishing emails

PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks

Ransomware dominates the threat landscape

Researchers Uncover Kimusky Infra Targeting South Korean Politicians and Diplomats

Scammers Create 'AI Hologram' of C-Suite Crypto Exec

Security pros fret about stress and promotion over cyber attacks

Site Nota Carioca volta a funcionar após sofrer ataque hacker

Talos Renews Cybersecurity Support For Ukraine on Independence Day

Threat actors are using the Tox P2P messenger as C2 server

Twilio hackers hit over 130 orgs in massive Okta phishing attack

US Firm Pays $16m to Settle Healthcare Fraud Claims

U.S. Government Spending Billions on Cybersecurity

We need to think about ransomware differently

Workplace Stress Worse than Cyber-Attack Fears for Security Pros


5 Keys To Successful Least Privilege Policy Implementation

Advanced updates on healthcare ransomware attack

Air-Gapped Devices Can Send Covert Morse Signals via Network Card LEDs

Another hospital in Europe falls victim to a cyberattack. This time with a US$10m ransom

Atenção utilizadores de Android: Relatório da ESET aponta para crescimento de malware em apps

Avast disponibiliza Ransomware Shield para soluções de empresa

Avast Ransomware Shield Offers New Layer of Protection For Businesses In Light of Evolving Threats

Barracuda threat report reveals spike in ransomware to more than 1.2 million per month

Calcium Products, Inc. Confirms Recent Data Breach

California Age-Appropriate Design Code Act (ADCA) bill aims to increase children’s data privacy

California corrections says potential data breach affected staff, inmates

CISOs see little need for a point solution to cover ransomware risk

Cloud Range Introduces Cognitive Assessment to Improve Cybersecurity Hiring

Community Loan Servicing, LLC Files Notice of Data Breach

Compliance Into The Weeds - HanesBrands Cyber Security Breach Disclosure

Construction firms offered new cyber security guidance

Critical Insight Finds Attackers Shifting Focus to Smaller Hospital Systems and Specialty Clinics in H1 2022 Healthcare Data Breach Report

Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)

Cyber Signals report highlights ransomware-as-a-service

Cyber Unit Announces Amalgamation with Techtone Merge to Become a Cyber Security Powerhouse

Digital transformation giant Orion Innovation hit by LockBit ransomware, hacker group claims

eCapital Corp. Announces June 2021 Data Breach in August 2022

Fake Chrome extension 'Internet Download Manager' has 200,000 installs

Fans heading to the World Cup in Qatar and firms involved in tournament warned about cybercrime risk

Finland scores highly for cybersecurity: Digital Nomads

Fort Wayne City Council Approves $5 Million For Cyber Security & Firefighter Breathing Equipment

Fremont County, Ohio, Extends Disaster After Cyber Attack

GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software

Google: An app that beeps when there is data breach

Greece's largest natural gas distributor suffers a Ragnar Locker ransomware attack

Grupos de ransomware Hive, LockBit e BlackCat atacam uma mesma rede consecutivamente

Hackers are attempting to steal millions of dollars from businesses by bypassing multi-factor authentication

Hackers attack the Dominican Agrarian Institute (IAD); they ask for about US$600 thousand to return data

Hackers Using Fake DDoS Protection Pages to Distribute Malware

Hacking gang Monster uses a graphical interface to deploy its ransomware

Healthcare is Disproportionately Susceptible to Extortion

How ransomware attacks target specific industries

IoT Vulnerability Disclosures Up 57% in Six Months, Claroty Reveals

Iranian cyberespionage group uses new Hyperscrape tool to extract emails from victims’ mailboxes

Is security becoming a priority for DevOps teams?

Lionel Holdings, LLC Reports Data Breach After the Company Was Targeted in a Ransomware Attack

Lloyd's to exclude certain nation-state attacks from cyber insurance policies

LockBit ransomware group implicated in crippling attack on French hospital

Microsoft Active Directory as a Prime Target for Ransomware Operators

Mitigating Risk of Data Leaks in Investigations

Moon School District Suffers Cyber Attack

NCSC Shares Guidance to Help Secure Large Construction Projects

New ransomware HavanaCrypt poses as Google software update

Plex breached: Change your passwords now

Plex Data Breach Compromised Usernames, Emails & Passwords

Plex suffers data breach; third-party gains access to emails, usernames and more

Quantum ransomware attack disrupts govt agency in Dominican Republic

Ransomware-as-a-service industrializou cibercrime numa economia em ascensão com papéis bem definidos

Ransomware Surges to 1.2 Million Attacks Per Month

'Recuperei a maior parte dos fundos roubados da Nomad e tudo o que recebi foi esse NFT bobo', diz hacker white hat

Sacramento-area college has its system hacked — again

Saudi Arabia to Stimulate Local Cyber-security Industry

Seis meses de guerra: Porque os ciberataques russos são pouco eficazes na invasão à Ucrânia?

The Challenge of Shadow OT

The Ransomware Playbook Mistakes That Can Cost You Millions

Top 10 Cybersecurity Trends and Predictions to Look Out for in 2023

Twitter Dismisses Whistleblower's Claim Of Sensitive User Data Breach, Terms Allegation ‘False Narrative'

UK Water Supplier Suffered a Clop Ransomware Attack During Major Drought; Victim Initially Misidentified as UK’s Largest Water Utility

US Healthcare Sector Breaches 342m+ Records Since 2009

US, Israel sign deal to combat ransomware, protect critical financial infrastructure

US Orgs Have Suffered 5,000 Healthcare Data Breaches Since 2009

XCSSET malware authors devise new ways to target MacOS Monterey devices

WannaCry explained: A perfect ransomware storm

Why business email compromise still tops ransomware for total losses

Why Does Medical Imaging Equipment Need Better Cybersecurity?


7 open-source malware analysis tools you should try out

35 Apps de malware foram encontrados na Google Play Store

A closer look at identity crimes committed against individuals

Air-Gap Attack Exploits Gyroscope Ultrasonic Covert Channel to Leak Data

API security incidents occur at least once a month

CISA Adds Palo Alto Networks' PAN-OS Vulnerability to Catalog

Configuration Errors to Blame for 80% of Ransomware

Counterfeit Android Devices Revealed to Contain Backdoor Designed to Hack WhatsApp

CISA adds Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog

Counterfeit versions of popular mobile devices target WhatsApp and WhatsApp Business

Cyber attackers disrupt services at French hospital, demand $10 million ransom

DDoS attacks jump 203%, patriotic hacktivism surges