NEWS: Agosto (22/08 - 28/08) - 34 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!!

28/08
Atlassian released security patches to fix a critical flaw in Confluence - Security Affairs
Deepfakes in cyberattacks aren’t coming. They’re already here - Venture Beat
Hoosiers start receiving data breach letters from state - KPC News
In the first half of 2021, coin miners, web shells, and ransomware accounted for 56% of malware attacking Linux systems - Bolly Inside
Linux is not invulnerable, here are some top Linux malware in 2021 - Techzim
Microsoft Azure vulnerability uncovered great many cloud databases - Broadcast Cover
Microsoft warns thousands of cloud customers of data vulnerability - Dunya News
Over 1 Million Gamers were exposed to Hackers by known Android game developers from China - TechnoSports
Phorpiex botnet shuts down and authors put source code for sale - Security Affairs
Ragnarok Gang shuts down activities and releases its decryption key - The Clare People
T-Mobile CEO calls latest data breach ‘humbling,’ claims it’s committed to security - The Verge
The Source Code of the ‘Phorpiex’ Botnet Was Made Available for Purchase - TechNadu
Wawa Will Settle Its Lawsuit With Data Breach Victims for $9 Million - TechNadu
White House rallies private industry in cyber battle - The Hill

27/08
An RCE in Annke video surveillance product allows hacking the device - Security Affairs
Annke Video Recorder Vulnerable to Critical Remote Code Execution - TechNadu
B. Braun Infusomat pumps could be hacked to alter medication doses - Security Affairs
Berkeley High alum, 19, posted stolen nude photos of underage girls online, police say - DataBreache Net
Boston Public Library discloses cyberattack, system-wide technical outage - Bleeping Computer
Challenges organizations face when implementing zero trust architecture - Help Net Security
ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers - Security Affairs
Cloudflare says it stopped the largest DDoS attack ever reported - ZDNet
Critical Cosmos Database Flaw Affected Thousands of Microsoft Azure Customers - The Hacker News
Don’t Leave Security to the Network - Security Boulevard
Kaseya Issues Patches for Two New 0-Day Flaws Affecting Unitrends Servers - The Hacker News
Microsoft, Google to Invest $30 Billion in Cybersecurity Over Next 5 Years - The Hacker News
Microsoft Warns About a Widespread Phishing Campaign Which Abuses Redirector Links - TechNadu
T-Mobile CEO: Hacker brute-forced his way through our network - Bleeping Computer
The FBI issued a flash alert for Hive ransomware operations - Security Affairs
Trends in the OT/ICS security space and what’s to come - Help Net Security
Victims of Ragnarok ransomware can decrypt their files for free - Security Affairs
Your data, your choice - Help Net Security
What is driving organizations to explore emerging technologies? - Help Net Security

26/08
21-year-old tells WSJ he was behind massive T-Mobile hack - ZDNet
Checking for misconfigurations isn’t enough - Help Net Security
Chinese developers expose data belonging to Android gamers - ZDNet
Cisco fixed a critical flaw in Cisco APIC for Nexus 9000 series switches - Security Affairs
Cloud Workload Security - Security Boulevard
Cybersecurity market soaring as threats target commercial and govt organizations - Help Net Security
Cybersecurity warning: Realtek flaw exposes dozens of brands to supply chain attacks - ZDNet
Data protection: UK to diverge from GDPR in post-Brexit overhaul of privacy rules - ZDNet
DEF CON 29 Main Stage – Brian Hong’s ‘Sleight Of ARM: Demystifying Intel Houdini’ - Security Boulevard
DEF CON 29 Main Stage – Chad Seaman’s ‘UPnProxyPot: Fake The Funk, Become A Blackhat Proxy, MITM Their TLS… - Security Boulevard
Employees participating in unethical behaviors to help an organization actually harm themselves - Help Net Security
F5 Releases Critical Security Patches for BIG-IP and BIG-IQ Devices - The Hacker News
FBI releases alert about Hive ransomware after attack on hospital system in Ohio and West Virginia - ZDNet
FBI shares technical details for Hive ransomware - Bleeping Computer
How to make email safe for business - Help Net Security
Kaseya fixed two of the three Kaseya Unitrends zero-days found in July - Security Affairs
Kaseya patches Unitrends server zero-days, issues client mitigations - Bleeping Computer
Microsoft accidentally lowers OneDrive for Business storage limits - Bleeping Computer
Microsoft and Google to invest billions to bolster US cybersecurity - Bleeping Computer
New Passwordless Verification API Uses SIM Security for Zero Trust Remote Access - The Hacker News
Personal Data and docs of Swiss town Rolle available on the dark web - Security Affairs
PJCIS recommends passage of Bill that will allow incidental collection of Australian data - ZDNet
Quantum computers could read all your encrypted data. This 'quantum-safe' VPN aims to stop that - ZDNet
Synology: Multiple products impacted by OpenSSL RCE vulnerability - Bleeping Computer
The Increased Liability of Local In-home Propagation - The Hacker News
VMware Issues Patches to Fix New Flaws Affecting Multiple Products - The Hacker News
Vulnerability management is facing three core problems: Here’s how to solve them - Help Net Security
Ways to Integrate Cloud Applications Into Your Business - Security Boulevard

25/08
22% of cybersecurity incidents in H1 2021 were ransomware attacks - Help Net Security
40% of SaaS assets are unmanaged, putting companies at risk for data leaks - Help Net Security
Advanced persistent threat protection market to grow steadily by 2026 - Help Net Security
Australia's 'hacking' Bill passes the Senate after House made 60 amendments - ZDNet
B.Braun Infusomat Pumps Could Let Attackers Remotely Alter Medication Dosages - The Hacker News
Banking’s Digital Future Raises Security Concerns - Security Boulevard
Best security camera 2021: Secure your home or office - ZDNet
Best security system 2021: Protect your home & office - ZDNet
Coinminers, web shells and ransomware made up 56% of malware targeting Linux systems in H1 2021 - Help Net Security
Ethereum urges Go devs to fix severe chain-split vulnerability - Bleeping Computer
FIN8 cybercrime gang backdoors US orgs with new Sardonic malware - Bleeping Computer
Hybrid work: How do you secure every identity on your network? - Help Net Security
How the pandemic delivered the future of corporate cybersecurity faster - Help Net Security
Modified version of Android WhatsApp installs Triada Trojan - Security Affairs
New Hampshire town loses $2.3 million to overseas scammers - Bleeping Computer
New SideWalk Backdoor Targets U.S.-based Computer Retail Business - The Hacker News
Preventing your Cloud 'Secrets' from Public Exposure: An IDE plugin solution - The Hacker News
Proofpoint awarded $13.5 million in IP theft lawsuit against Vade Secure - ZDNet
Ransomware: These four rising gangs could be your next major cybersecurity threat - ZDNet
Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions - The Hacker News
Samsung could use a TV Block feature to disable any of its TVs worldwide - Security Affairs
ShinyHunters group claims to have data of 70M AT&T customers - Security Affairs
Singapore further eases access to contact tracing devices - ZDNet
Why you need to make Microsoft 365 a 24/7 security priority - Help Net Security

24/08
6 ways cybersecurity teams can save time and money - Security Boulevard
38 Million Records Exposed from Microsoft Power Apps of Dozens of Organisations - The Hacker News
Adverse security implications of enterprises network overprovisioning - Help Net Security
Apple, Microsoft and Amazon chiefs to meet Biden over critical infrastructure cyber attacks - ZDNet
Building A Secure Cloud: Strong Data Protection - Security Boulevard
Consumer Confidence in Data Security Plummets - Security Boulevard
Cybereason vs. LockBit2.0 Ransomware - Security Boulevard
DEF CON 29 Main Stage – David Dworken’ ‘Worming Through IDEs’ - Security Boulevard
DEF CON 29 Main Stage- Hao Xing’s And Zekai Wu’s ‘How I Use A JSON 0Day To Steal Your Money On The Blockchain’ - Security Boulevard
Diving Deeper Into the “Hive” Ransomware Modus Operandi - TechNadu
FBI flash alert warns on OnePercent Group Ransomware attacks - Security Affairs
FBI Warns About the “OnePercent” Ransomware Group and Its Tactics - TechNadu
Firmware: Beyond Securing the Software Stack - Security Boulevard
HYCU initiative offers free evaluation for ransomware recovery prospects - ZDNet
IoT market to reach $1.5 trillion by 2027, security top priority - Help Net Security
Kubescape helps admins manage Kubernetes securely - Help Net Security
Malicious WhatsApp mod infects Android devices with malware - Bleeping Computer
New zero-click iPhone exploit used to deploy NSO spyware - Bleeping Computer
Ransomware gang's script shows exactly the files they're after - Bleeping Computer
Realtek SDK flaws exploited to deliver Mirai bot variant - Security Affairs
Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc - The Hacker News
Samsung can remotely disable their TVs worldwide using TV Block - Bleeping Computer
Security and compliance still a challenge for container architectures - Help Net Security
SteelSeries bug gives Windows 10 admin rights by plugging in a device - Bleeping Computer
Texan Social Media Scammer Defrauded 100 People of $650,000 - TechNadu
Three reasons why ransomware recovery requires packet data - Help Net Security
What is the HIPAA Security Rule? Three safeguards to have in place - Help Net Security
Why Isn’t My VPN Working? – We Uncover the Most Common VPN Issues & How to Resolve Them! - TechNadu

23/08
446 Australian breach notifications with 30% of system faults found after a year - ZDNet
58% of IT leaders worried their business could become a target of rising nation state attacks - Help Net Security
AI-Fueled Deep Fakes Signal New Era of Cybercrime - Security Boulevard
Aprenda como se proteger do ransomware, ataque que “sequestra” seus dados - R7
Ask Chloé: How to Address Zoom Fatigue - Security Boulevard
Cybercriminals Inducing Insiders to Plant Malware - Security Boulevard
IBM finds ASX outage the result of trade platform not being ready for go-live - ZDNet
IBM’s New Telum Chips Can Detect and Stop Fraud in Real-Time - TechNadu
ICS vulnerabilities disclosed in H1 2021 rose by 41% - Help Net Security
Infosecurity Europe Moves to ExCeL London in 2022 - InfoSecurity Magazine
LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs - Security Affairs
Memorial Health System forced to cancel surgeries after ransomware attack - Security Affairs
New LockFile Ransomware Variant Exploits "PetitPotam" Bug - InfoSecurity Magazine
Orgs Brace for Breaches as IT Pros Battle Fatigue - Security Boulevard
ProxyShell vulnerabilities actively exploited to deliver web shells and ransomware - Help Net Security
Researcher Releases ‘Razer’ Elevation of Privilege Exploit on Twitter - TechNadu
Singapore, US pledge deeper collaboration in cybersecurity - ZDNet
T-Mobile Breach Now Affects 54.6 Million Individuals - InfoSecurity Magazine
T-Mobile Data Breach, Tinder Identity Verification, Magnetic Stripe Phase Out - Security Boulevard
The impact of eCommerce fraud on retailers and shoppers - Help Net Security
UK Regulator Raises Serious Concerns Over Nvidia-Arm Deal - InfoSecurity Magazine
Why automated pentesting won’t fix the cybersecurity skills gap - Help Net Security
Why Do Developers Continue to Write Vulnerable Code? - Security Boulevard

22/08
7 data privacy tips for your phone from digital security experts - CNet
After a massive data breach, T-Mobile offers its customers an identity protection tool - Tech News Inc
Apple is bringing client-side scanning mainstream and the genie is out of the bottle - ZDNet
Atlanta Allergy & Asthma first mails notices to patients; data was dumped back in March - Data Breaches Net
Banque Misr halts transactions to prepaid Meeza cards following phishing reports - Ahram online
Bellevue’s T-Mobile breach impacts 53 mln customers as probe finds wider bearings - Financial World
Brazilian businesses suffer 13,000 hacker attacks per month - Tiorienteering
Check Point Software: "We are now experiencing a ‘ransomware pandemic’" - ITP Net
DEF CON 29 Main Stage – Ian Coldwater’s & Chad Rikansrud’s ‘Real Life Story Of The 1st Mainframe Container Breakout’ - Security Boulevard
DEF CON 29 Main Stage – James Kettle’s ‘HTTP2: The Sequel Is Always Worse’ - Security Boulevard
Department of Conservation's Aoraki/Mount Cook hit by ransomware attack - RNZ
Disinfect your phone … - Moneyweb
Education sector sees increase in cyberattacks - The Manila Times
Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP - Security Affairs
Hackers Are Offering $1M to Employees Who Install Ransomware on Company Computers - Interesting Engineering
Hackers Steal Even More Social Security Numbers - The Chronicle
In 2021, security researchers discovered a “staggering number” of vulnerabilities in industrial control systems - Bollyinside
Microsoft shares guidance on securing Windows 365 Cloud PCs - Bleeping Computer
Over 1500 fraudulent global resources aimed at potential crypto investors detected in 2021: Kaspersky - The Hindu Business Line
Razer bug lets you become a Windows 10 admin by plugging in a mouse - Bleeping Computer
Rethinking security with Identity Detection & Response (IDR) - Gulf Business
Risk management in the age of ransomware - Healthcare Global
Schools, colleges brace for cyberattacks as students return - The Hill
Security camera hacking: It can happen to you. Here's how to stop it - CNet
T-Mobile breach fallout — it's time to decide who deserves your business - Tom's Guide
T-Mobile hack represents a return to the origins of cybercrime - Bollyinside
Tokio Marine Insurance Singapore Hit by Ransomware Attack - Data Breaches Net
WARNING: Microsoft Exchange Under Attack With ProxyShell Flaws - The Hacker News