NEWS: August/September (29/08 - 04/09) - Week 35 of 2021
Cyber Security and Information Security News - Daily Updates !!!

04/09
British ISPs ‘Voip Unlimited’ and ‘Voipfone’ Still Struggling With DDoS Disruption - TechNadu
Cyber Criminal Actors are Targeting the Food and Agriculture Sector with Ransomware Attacks - EIN PressWire
Hive is dangerous new ransomware threat, FBI says - FOX Business
Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack - The Hacker News
PlayStation users warned of scam risks in popular PS4 game - don't fall for this trick - Express
Ransomware attacks are rising, and cities are taking some of the biggest hits - The Philadelphia Inquirer
Ransomware Attacks on Labor Day: FBI Warns as Hackers Work when Offices Close - TechTimes
Turkey fines WhatsApp over data breach - The Jakarta Post
U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw - The Hacker News

03/09
Attacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigation - Security Affairs
Babuk ransomware's full source code leaked on hacker forum - Bleeping Computer
BitConnect director pleads guilty to role in $2 billion cryptocurrency fraud - ZDNet
CISA, FBI Post Ransomware Alert Ahead of Holiday Weekend - Security Boulevard
Confessions of a ransomware negotiator: Well, somebody's got to talk to the criminals holding data hostage - The Register
Conti ransomware now hacking Exchange servers with ProxyShell exploits - Bleeping Computer
Critical Heap Buffer Overflow in Sudo Plaguing Tyco Illustra Cameras - TechNadu
Dallas Independent School District reports data breach impacting current and former students, staff - The Daily Swig
Dallas Independent School District reveals breach, but details are still missing - Data Breaches Net
Eight US States to Begin Accepting Digital Driving Licenses - Info Security Magazine
FBI: Sextortion complaints spike leads to $8 million in losses - Bleeping Computer
FBI warns of ransomware attacks targeting the food and agriculture sector - Security Affairs
Fed up with constant cyberattacks, one country is about to make some big changes - ZDNet
FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor - The Hacker News
FTC orders SpyFone to delete all of its surveillance data - ZDNet
Implementing a strategic planning process is key to drive future revenue growth - Help Net Security
Increasing number of investigations calls for advanced technology and dedicated teams - Help Net Security
Modernizing Health Care Security with SASE - Security Boulevard
Over 60,000 domains parked at MarkMonitor could be taken over - Bleeping Computer
Patched: Critical bug with public PoC exploit in Cisco infrastructure virtualization software (CVE-2021-34746) - Help Net Security
Russia Blocks ExpressVPN, NordVPN, and IPVanish for Failure to Comply With Censorship Rules - TechNadu
Tabcorp argues banks should be responsible for handling credit card gambling blocks - ZDNet
Tech CEOs: Multi-Factor Authentication Can Prevent 90% of Attacks - Info Security Magazine
This New Malware Family Using CLFS Log Files to Avoid Detection - The Hacker News
When Cyber-Attacks Lead to Disasters, Does the Stafford Act Apply? - Info Security Magazine
Why should enterprises invest in machine identity management tools? - Help Net Security
Women Make Gains in Cybersecurity, But Gaps Remain - Security Boulevard

02/09
A dropper-as-a-service miscreants pay to push their malware onto potentially 1,000s of victims - The Register
African businesses’ vulnerability to cyber attacks worsened by pandemic: report - The Independent
Autodesk reveals it was targeted by Russian SolarWinds hackers - Bleeping Computer
Bad Bots Focus Attacks on E-Commerce Targets - InfoSecurity Magazine
Bluetooth Bugs Open Billions of Devices to DoS, Code Execution - Threatpost
Chinese Authorities Arrest Hackers Behind Mozi IoT Botnet Attacks - The Hacker News
Cisco fixes critical authentication bypass bug with public exploit - Bleeping Computer
Comcast RF Attack Leveraged Remotes for Surveillance - Threatpost
Deerfield offering credit monitoring after data breach potentially exposed residents’ info - Greenfield Recorder
Digital State IDs Start Rollouts Despite Privacy Concerns - Threatpost
Execs don't sound very confident about long-term network security in the WFH era - TechRepublic
FBI warns of ransomware gangs targeting food, agriculture orgs - Bleeping Computer
How companies can keep cybercriminals at bay - Back End News
How SMBs can prevent QR code abuse - BizReport
Layered security strategy vital to combat Microsoft 365 phishing threat - IT Brief
Most local civil society organisations vulnerable to cyber risks – Report - Macau Business
NCC Group Reveals Threefold Increase in Targeted Ransomware Attacks in 2021 - AIthority
New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable - The Hacker News
Official website of Banksy hacked for fake NFT scam - Hackread
Previous employees with access to corporate data remain a threat to businesses - Help Net Security
Ransomware gangs target organizations during holidays and weekends - Help Net Security
Sacked Employee Deletes 21GB of Credit Union Files - InfoSecurity Magazine
Sophos discovers Gootloader mothership controls malicious content - Back End News
The Emergence of Killware: The next lethal malware CISOs need to worry about - DataQuest
UK Researchers Invent Device to Thwart USB Malware - InfoSecurity Magazine
Vulnerabilities allow attackers to remotely deactivate home security system (CVE-2021-39276, CVE-2021-39277) - Help Net Security
What is AS-REP Roasting attack, really? - The Hacker News
WhatsApp Fined €225m for GDPR Violations - InfoSecurity Magazine
WhatsApp patches vulnerability related to image filter functionality - ZDNet

01/09
700,000 French pharmacy Covid test results left publicly available - The Connexion French News
CISA Warns About the Ransomware Risk During the Upcoming Labor Day Holiday - TechNadu
Cream Finance platform pilfered for over $34 million in cryptocurrency - ZDNet
Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns - The Hacker News
Finding and using the right cybersecurity incident response tools - Help Net Security
Fired NY credit union employee nukes 21GB of data in revenge - Bleeping Computer
Getting ahead of a major blind spot for CISOs: Third-party risk - Help Net Security
Hybrid work is here to stay, but security concerns are high - Help Net Security
Linphone SIP Stack Bug Could Let Attackers Remotely Crash Client Devices - The Hacker News
LockBit gang leaks Bangkok Airways data, hits Accenture customers - Bleeping Computer
LockBit ransomware operators leak 200GB of data belonging to Bangkok Airways - Security Affairs
Logitech Bolt: New wireless protocol provides added security for mice and keyboards - ZDNet
New standard enhances the cybersecurity of pipeline control systems - Help Net Security
OpenSSL Flaws Discovered and Fixed Last Week Affect a Large Number of Products - TechNadu
QNAP Working on Patches for OpenSSL Flaws Affecting its NAS Devices - The Hacker News
Scam artists are recruiting English speakers for business email campaigns - ZDNet
SEC announces sanctions against entities over email account hacking - Security Affairs
Sturdy Hospital in Attleboro sued over data breach - The Sun Chronicle
The cybersecurity metrics required to make Biden’s Executive Order impactful - Help Net Security
This is why the Mozi botnet will linger on - ZDNet
Twitter adds Safety Mode to automatically block online harassment - Bleeping Computer
Watch out, ransomware attack risk increases on holidays and weekends, FBI and CISA - Security Affairs
Wawa paying $9-million in cash, gift cards in data breach settlement; Nov. deadline to file claim - 6ABC

31/08
A Hacker Used “BlueBomb” to Unlock the Nintendo Wii Mini - TechNadu
Afghanistan’s reported data breach has life-and-death consequences - Fast Company
Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms - The Hacker News
Bangkok Airways Admits Attackers Stole Passenger Data - InfoSecurity Magazine
Canada accepted 7,300 more immigration applications due to technical bug - Bleeping Computer
Chinese Developers Reveal Android Gamers' Data - Softpedia News
Coinbase seeds panic among users with erroneous 2FA change alerts - Bleeping Computer
Companies go scot-free despite breach of customer data - The Leaflet
Crypto Exchange Bilaxy Loses $21M in Hack - PYMNTS
Cyberattackers are now quietly selling off their victim's internet bandwidth - ZDNet
Cybercriminal sells tool to hide malware in AMD, NVIDIA GPUs - Bleeping Computer
Cybersecurity awareness is one of the skills needed for a post-pandemic economy - Help Net Security
Dallas police data loss nearly triple initial estimate - Herald Sun
Data Breaches in the Financial Sector - News Anyway
Denton County Data Breach Exposes Health Records, Including COVID Vaccination Details - WBAP
Don't want to get hacked? Then avoid these three "exceptionally dangerous" cybersecurity mistakes - ZDNet
Expired driver's licenses open lanes for cybercriminals, text and email scams - USA Today
FBI Flash Alert Warns Organizations of Hive Ransomware Group - Health IT Security
Fujitsu customer data is reportedly being sold on the dark web - TechRadar Pro
Government Efforts Take Cyber Awareness to the Next Level, but an Ocean of Obstacles Lies Ahead - DevPro Journal
Hackers Steal Data from Neuchâtel Cantonal Bank - FINews
How behavioral biometrics can stop social engineering and malware scams dead in their tracks - NuData Security
HPE warns customers of Sudo flaw in Aruba AirWave Management Platform - Security Affairs
Illinois Physicians Notify 600K Patients of Data Breach - InfoSecurity Magazine
Illinois Provider Faces Healthcare Data Breach, 171K Patients Exposed - Health IT Security
Increase in credential phishing and brute force attacks causing financial and reputational damage - Help Net Security
Indonesia Launches Investigation for Possible Breach on Its COVID-19 Tracing App - TechNadu
Initial Access Broker use, stolen account sales spike in cloud service cyberattacks - ZDNet
Kaspersky blocked 5.8M malware attacks 'disguised as popular PC games' last year - PCGamer
Lojas Renner claims that cyberattack did not result in data leakage - The Clare People
Microsoft Exchange ProxyToken flaw can allow attackers to read your emails - Security Affairs
New Mirai Version Adds WebSVN Command Injection to Its Arsenal - TechNadu
QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout - ThreatPost
Ransomware May Have Cost US Schools Over $6bn in 2020 - InfoSecurity Magazine
Researchers Propose Machine Learning-based Bluetooth Authentication Scheme - The Hacker News
Securities and Exchange Commission (SEC) fines brokerage firms over email hacks, customer data exposure - CyberScoop
Singapore government expands bug hunt with hacker rewards scheme - ZDNet
The consumerization of the Cybercrime-as-a-Service market - Help Net Security
The new era of email authentication - Security Infowatch
This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft - ZDNet
Threat actors stole $19 million worth of crypto assets from Cream Finance - Security Affairs

30/08
ACE Takes Down Flixanity, a Highly Popular Pirate Streaming Site - TechNadu
Attackers Use Fake FMWhatsapp to Spread Triada Trojan - CISO Mag
Bangkok Airways apologizes for passport info breach as LockBit ransomware group threatens data leak - ZDNet
Boston Public Library discloses cyberattack - Security Affairs
CISA: Don’t use single-factor auth on Internet-exposed systems - Bleeping Computer
Consumers value privacy more than potential savings when purchasing insurance - Help Net Security
Cyber-thieves Hit DeFi Platform Again - InfoSecurity Magazine
Cyber threats, passenger vessels and superyachts: The current state of play - Help Net Security
Debunking myths about consumer expectations around mobile apps security - Help Net Security
DEF CON 29 Main Stage – Zhipeng Huo’s, Yuebin Sun’s & Chuanda Ding’s ‘Reveal And Exploit: IPC Logic Bugs In Apple’ - Security Boulevard
File upload security best practices rarely implemented to protect web applications - Help Net Security
Hacking IoT Security with Aaron Guzman - Security Boulevard
How Does MTA-STS Improve Your Email Security? - The Hacker News
How enterprises use security operations to modernize their business - Help Net Security
Hybrid work here to stay: What does that mean for security? - ZDNet
Israeli firm "bright data" (Luminati Networks) enable the attacks against Karapatan - Security Affairs
LockBit Gang to Publish 103GB of Bangkok Air Customer Data - ThreatPost
Men, Executives Pose Higher Cybersecurity Risk - Security Boulevard
Microsoft Exchange ProxyToken bug can let hackers steal user email - Bleeping Computer
Microsoft shares guidance on securing Azure Cosmos DB accounts - Bleeping Computer
New variant of Konni RAT used in a campaign that targeted Russia - Security Affairs
Operationalize AWS security responsibilities in the cloud - Help Net Security
QNAP works on patches for OpenSSL bugs impacting its NAS devices - Bleeping Computer
Rethinking Cloud Infrastructure Authentication - Security Boulevard
Rights Group Advises Afghans to Delete Data - InfoSecurity Magazine
Serverless security market size to reach $5.1 billion by 2026 - Help Net Security
Singapore touts need for security, use cases as 5G rollouts gather steam - ZDNet
T-Mobile Hacker Identified, China’s New Privacy Law, Tesla Bot Announcement - Security Boulevard
Unmanaged SaaS Data Brings Supply Chain Risks - Security Boulevard
US DoJ announces the creation of Cyber Fellowship Program - Security Affairs
‘Web Hosting Canada’ Informs of a Major Ongoing Security Incident - TechNadu
Why torrenting on Elon Musk’s Starlink is not a good idea? - HackRead
Why WAFs Don’t Work According to a Hacker - Security Boulevard

29/08
1 GB of data belonging to Puma available on Marketo - Security Affairs
Apple launches service program for iPhone 12 no sound issues - Bleeping Computer
Australia: Agencies urged to educate staff more after reporting 34 data breaches - The Riotact
Chico State students are conflicted about university's vaccination exemption data breach - KRCR
Cyberattacks, data loss among top management concerns today - The Manila Times
DDoS attacks target the Philippine human rights alliance Karapatan - Security Affairs
DEF CON 29 Main Stage – Kelly Kaoudis’ & Sick Codes’ ‘Rotten Code, Aging Standards & Pwning IPv4 Parsing’ - Security Boulevard
DEF CON 29 Main Stage – Rion Carter’s ‘Why Does My Security Camera Scream Like A Banshee?’ - Security Boulevard
Envision Credit Union ‘taking all appropriate steps’ after possible cyber attack - Data Breach Net
Get Lifetime Access to 24 Professional Cybersecurity Certification Prep Courses - The Hacker News
Japan has no time to waste in boosting its cyberdefenses - The Japan Times
Less than two months after its launch and inaugural hack, GETTR is leaking data - Data Breach Net
Some Synology products impacted by recently disclosed OpenSSL flaws - Security Affairs
T-Mobile hacker used brute force attack to steal customers’ data - HackRead
There's no easy fix to the worsening ransomware epidemic - The Star