NEWS: Dezembro (05/12 - 11/12) - 49 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!

11/12
5 Ways To Protect Yourself From Online Hackers In 2022 - TechShout
BEWARE: If You Have These Battery Charging and Keyboard Apps, Delete Them ASAP - TechTimes
Brazil health ministry website hit by hackers, vaccination data targeted - Reuters
Brazil suffers cyberattack on health systems, vaccination data still not recovered - Neowin
Canadian Citizen Charged for Ransomware Attacks in Alaska - HackRead
Careful how you scan: QR codes represent the new attack dimension - Digital Journal
Cox Customer Support Scam Leads to Data Breach - Pirate Press
Don’t Let the Grinch that Scammed the Holidays Make You a Victim - Net News Ledger
Easy prey: How Russian criminals laid the bait that would ultimately bring the Irish health service to its knees - Independent
FNB warns of new scams targeting customers - Business Tech
FTC: Americans lost $148 million to gift card scams this year - Bleeping Computer
Google Suddenly Makes Windows Safer For 1 Million Users - Forbes
Hacked BDO accounts are used to buy Bitcoin via UnionBank - Manila Bulletin
Hacker Poses As Support Rep To Breach Cox Communications - Forbes
Hackers actively exploiting 0-day in Ubiquitous Apache Log4j tool - HackRead
Hackers are exploiting users with MS Outlook: report - The Hindu
Hackers steal research data from Sweden’s Volvo Cars - The Local
Handi-Van Servers Hit By A Cyberattack, Forcing Passengers To Rebook Rides - Patch
Hellmann Company Reports Massive Cyberattack - Pirate Press
HSE hack: Cancer patients could not be treated, and x-ray systems went offline - Irish Examiner
Identity theft and fraud - how it happens and how to prevent it - Estate Agent Today
Log4j: 'Vaccine' Released for Exploited Apache Zero Day - Gov Info Security
Log4Shell - a new hair-on-fire Internet exploit has IT professionals scrambling - Daily Kos
Massive Attack Targets 1.6 Million WordPress Sites - Bank Info Security
National Board Of Examinations (NBE) Warns Of Spoofed Emails, SMS, Social Media Content - Medical Dialogues
Ransomware Group Claims Volvo Attack, Screenshots of the Stolen Files Released - Auto Evolution
Serious bug puts Apple iCloud, Twitter, Minecraft at hacking threat - Business Standard
The new PPI? Claims firms turn their fire on data breaches - The Guardian
What cybersecurity can learn from health and wellness - Beta News
What Is IP Spoofing and What Is It Used For? - Make Use Of
10/12
30% of online users suffered security breaches due to weak passwords - Help Net Security
Aplicativo do ConecteSUS deixa de apresentar vacinas; site está fora do ar - G1
Atlanta shined light on an attack that happened back to July - The Digital Hacker
BlackCat ransomware, a very sophisticated malware written in Rust - Security Affairs
Bravo for the newly emerged ransomware group on it’s performance - The Digital Hacker
ConecteSUS e página do Ministério da Saúde são alvo de hackers - Metroploes
December 2021 Patch Tuesday forecast: How do you stack up? - Help Net Security
How will emerging technologies impact the data storage landscape? - Help Net Security
Massive attack against 1.6 million WordPress sites underway - Bleeping Computer
Microsoft vulnerabilities have grave implications for organizations of all sizes - Help Net Security
Pakistani group starting a cyber war against India and Afghanistan - The Digital Hacker
Seller-related fraud threatens long-term customer retention - Help Net Security
Singapore-UK digital economy act to focus on cybersecurity, trade - ZDNet
Site do Ministério da Saúde é alvo de hackers - Terra
Sites do Ministério da Saúde e Conect Sus saem do ar após ataque de hackers - G1
This ransomware will successfully infiltrate your device and extort you - The Digital Hacker
Tor network severely hit by a ransomware group - The Digital Hacker
09/12
A new phishing campaign on Twitter is attacking verified accounts - The Digital Hacker
Analysts Claim That Arresting Canadian Ransomware Attacker is a Major Step - The Digital Hacker
Beware of ransomware attacks between Christmas and New Year’s! - Help Net Security
Burned out workers are less likely to follow security guidelines - Help Net Security
Cox discloses data breach after hacker impersonates support agent - Bleeping Computer
Crooks injects e-skimmers in random WordPress plugins of e-stores - Security Affairs
Dark Mirai botnet spreads targeting RCE on TP-Link routers - Security Affairs
DARPA Announces SMOKE Program - InfoSecurity Magazine
Extracting value from the interconnected network of risk management - Help Net Security
Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts - Bleeping Computer
Get patching: SonicWall warns of vulnerabilities in SMA 100 series remote access devices - ZDNet
How can organizations ease audit overload? - Help Net Security
Hundreds of thousands of MikroTik devices still vulnerable to botnets - Bleeping Computer
It’s time to patch your SonicWall SMA 100 series appliances again! - Help Net Security
Microsoft, Google OAuth flaws can be abused in phishing attacks - Bleeping Computer
Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products - Security Affairs
More than 300,000 MikroTik devices have been identified to be susceptible to remote hacking vulnerabilities - The Digital Hacker
Most Phishing Pages are Short-lived - InfoSecurity Magazine
NVD: It’s Another Record Year for Vulnerabilities - InfoSecurity Magazine
Over 300,000 MikroTik Devices Found Vulnerable to Remote Hacking Bugs - The Hacker News
QNAP NAS devices targeted by new bitcoin miner - Help Net Security
Queensland government energy generator says ransomware attack not state-based - ZDNet
SanDisk SecureAccess bug allows brute forcing vault passwords - Bleeping Computer
Social media platforms being regulated as telcos under discussion in Australia - ZDNet
Sophisticated identity document fraud increased 57% over previous year - Help Net Security
Tens of malicious NPM packages caught hijacking Discord servers - Security Affairs
Top practices to improve enterprise security - Help Net Security
What cybersecurity trends do company executives expect to see next year? - Help Net Security
Why Holidays Put Your Company at Risk of Cyber Attack (And How to Take Precautions) - The Hacker News
Windows 'InstallerFileTakeOver' zero-day bug gets free micropatch - Bleeping Computer
08/12
2021 will be a record-breaking year for data breaches, what about 2022? - Help Net Security
140,000 Reasons Why Emotet is Piggybacking on TrickBot in its Return from the Dead - The Hacker News
“DevOps Engineers are Constantly Being Hunted by Cybercriminals” - CISO Mag
Emotet directly drops Cobalt Strike beacons without intermediate Trojans - Security Affairs
Finding the key for balancing remote workforce security with productivity - Help Net Security
French Transport Giant Exposes 57,000 Employees and Source Code - InfoSecurity Magazine
From DDoS to bots and everything in between: Preparing for the new and improved attacker toolbox - Help Net Security
Google Files Lawsuit Against Blockchain Botnet Operators - InfoSecurity Magazine
Google Takes Legal Action Against Glupteba Botnet - CISO Mag
Guide to Achieving 24x7 Threat Monitoring and Response for Lean IT Security Teams (eBook) - The Hacker News
Healthcare cybersecurity market size to reach $35.5 billion by 2027 - Help Net Security
Hotel Guests Locked Out of Rooms After Ransomware Attack - InfoSecurity Magazine
How FinServ Firms can Prevent Business Email Compromise - Security Boulevard
It’s Not a User Problem; It’s a Cybersecurity People Problem - Security Boulevard
Listen to recorded Twitter Spaces on iOS, android or the web - The Digital Hacker
Moobot botnet spreading via Hikvision camera vulnerability - Bleeping Computer
Skewed analytics caused by bots damage businesses as much as ad fraud - Help Net Security
The current state of zero trust: Awareness is high, adoption is lagging - Help Net Security
There is a possibility that Verizon is Collecting Your Data, Here is how this can be stopped - The Digital Hacker
XMGoat: Open-source pentesting tool for Azure - Help Net Security
Why Public-Private Partnership is Key to Cybersecurity - Security Boulevard
07/12
27 flaws in USB-over-network SDK affect millions of cloud users - Bleeping Computer
A new WIRTE threat group is targeting Middle Eastern scholars - The Digital Hacker
Adapting higher education to address the cybersecurity skills shortage - Help Net Security
Apple Warns of Further Compromises by Israel’s NSO Group - Security Boulevard
Aruba rolls out "Microbranch" networking to level up home offices - ZDNet
Attackers exploit another zero-day in ManageEngine software (CVE-2021-44515) - Help Net Security
Bosses are reluctant to spend money on cybersecurity. Then they get hacked - ZDNet
Businesses fear rise of third-party attacks, as ransomware impact grows - ZDNet
Cambridge Quantum Launches Cryptographic Key Service - Security Boulevard
Charitable Giving Sector a Major Cyberattack Target - Security Boulevard
Cloud Protection Over Bifurcated Network Security - Security Boulevard
Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides - The Hacker News
Emotet is spreading again thanks to bogus app installers - The Digital Hacker
EU key management in 2022 - Help Net Security
Google disrupts massive Glupteba botnet, sues Russian operators - Bleeping Computer
How Cybercriminals Use Phishing Kits - CISO Mag
How to protect air-gapped networks from malicious frameworks - Help Net Security
Just 3% of UK Firms Escaped a Supply Chain Breach in 2021 - InfoSecurity Magazine
Microsoft seized 42 domains used by the China-linked APT15 cyber espionage group - Security Affairs
Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers - The Hacker News
Myanmar atrocities have led to a $150 billion lawsuit by Rohingya refugees against Facebook - The Digital Hacker
Nobelium continues to target organizations worldwide with custom malware - Security Affairs
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet - Bleeping Computer
On two occasions, it’s been claimed that Google Pixel mail-in repairs resulted in leaked images and a privacy nightmare - The Digital Hacker
Ransomware Victims Pay $700K in Extra Extortion Fees - InfoSecurity Magazine
RTF Template Injection Technique Gains Popularity among APT groups - The Digital Hacker
Rust takes a major step forward as Linux's second official language - ZDNet
Secure transactions top retailers’ wish lists this holiday season - Help Net Security
SolarWinds Hackers Targeting Government and Business Entities Worldwide - The Hacker News
STOP Ransomware vaccine released to block encryption - Bleeping Computer
The threats of modern application architecture are closer than they appear - Help Net Security
Twitter bots monitor every tweet to push cryptocurrency scams - Bleeping Computer
UK’s Poor Cyber Risk Planning Could “Wreak Havoc” - InfoSecurity Magazine
With the latest firmware update, Google Pixel Buds A-Series will now have more options - The Digital Hacker
06/12
14 New Cross-Site Leaks Attacks Have Been Identified - The Digital Hackers
14 New XS-Leaks (Cross-Site Leaks) Attacks Affect All Modern Web Browsers - The Hacker News
$120 million was looted from the DeFi protocol by hackers - The Digital Hackers
330 SPAR stores close or switch to cash-only payments after a cyberattack - Security Affairs
2022 and the threat landscape: The top 5 future cybersecurity challenges - Help Net Security
A cyber attack has forced supermarket Spar to close some stores - ZDNet
ASIC says financial market cyber resiliency remained steady but fell short of target - ZDNet
Brace yourself for these five top data breach trends in 2022, Experian warns - ZDNet
Crypto Exchange BitMart Hacked, Loss Estimated at $196 Million - TechNadu
Cuba Ransomware Nets Nearly $50m - InfoSecurity Magazine
Cyber Insurance for Health Care Organizations - CISO Mag
Cyberattack freezes Maryland health department - Data Breaches Net
Cybercrime supply chain: Fueling the rise in ransomware - Help Net Security
Delta-Montrose Electric Association (DMEA) Colorado electric utility hit by a disruptive cyberattack - Security Affairs
Facebook no Brasil é condenado a indenizar internauta que teve conta hackeada - G1
Firefox confirmed WordPress gravatar data breach in mails - The Digital Hackers
Florida teen and her mother accused of hacking homecoming queen election refuse plea deal, claiming they have been framed - Data Breaches Net
France warns of Nobelium cyberspies attacking French orgs - Bleeping Computer
Fraudulent e-commerce transactions spiked between Thanksgiving and Cyber Monday - Help Net Security
Hackers are sending receipts with anti-work messages to businesses’ printers - Security Affairs
Hackers are using this new malware which hides between blocks of junk code - ZDNet
Hackers pretending to be Iranian govt use SMS messages to steal credit card info, create botnet - ZDNet
Hackers Steal $200 Million Worth of Cryptocurrency Tokens from BitMart Exchange - The Hacker News
Hackers Steal Cryptocurrency Worth $150 Mn From BitMart Exchange - CISO Mag
How proactive are companies when managing data? - Help Net Security
Hundreds of SPAR stores shut down, switch to cash after cyberattack - Bleeping Computer
Increasing Network Visibility: The Key to Security - Security Boulevard
Kafdrop flaw allows data from Kafka clusters to be exposed Internet-wide - Help Net Security
Lewis & Clark Community College to resume classes Tuesday amid ransomware attack - Data Breaches Net
Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers - Security Affairs
Making robotics security a top priority - Help Net Security
Malicious KMSPico Windows Activator Stealing Users' Cryptocurrency Wallets - The Hacker News
Nine State Department Phones Hijacked by Spyware - InfoSecurity Magazine
Pakistani APT Group ‘SideCopy’ Targets Officials in India and Afghanistan - CISO Mag
Romance Fraudster Targeted 670 Women Online - InfoSecurity Magazine
Russian hacking group uses new stealthy Ceeloader malware - Bleeping Computer
Security experts question new DHS/TSA cybersecurity rules for rail companies - ZDNet
The US military’s cyber branch has admitted that it has used aggressive tactics to disrupt ransomware activities - The Digital Hackers
The Verizon App Collects User Browsing and Calls History, Location, and More - TechNadu
Threat actors stole more than $150 million worth of cryptocurrency tokens from BitMart platform - Security Affairs
Vulnerability Scanning Frequency Best Practices - The Hacker News
Your CEO Isn’t Real: How to Deal With Deep Fakes - Security Boulevard
WhatsApp adds default disappearing messages for new chats - Bleeping Computer
05/12
2.1 million people’s data affected during a data breach - The Digital Hacker
ASIC says financial market cyber resiliency remained steady but fell short of target - ZDNet
Convincing Microsoft phishing uses fake Office 365 spam alerts - Bleeping Computer
Cyber Vulnerabilities and Safety Risks Across the UK's Digital Railway - InfoSecurity Magazine
Cybersecurity predictions: Identity protection to be a priority in 2022 - Zawya
Did the cybersecurity stakes get even higher in 2021? - The Star
Education sector among most vulnerable - The Star
Garena Free Fire: Stop being defrauded; Know how to prevent a phishing attack; check list - Hindu Stan Time
If you’re mailed a random CD, don’t put it in your computer. Here’s why - The Star
Laying the land for a cyber-safe future - Arabian Business
Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers - Security Affairs
Malicious Excel XLL add-ins push RedLine password-stealing malware - Bleeping Computer
New Twitter phishing campaign targets verified accounts - Bleeping Computer
No surprise: NSW iVote fails during local council elections - ZDNet
Putting a stop to cybercrime - The Star
Ransomware attacks on the rise in Switzerland - Swissinfo
Ransomware group hits 49 critical infrastructure firms in US - The Siasat Daily
Threat to online learning - The Star
Top Ways To Ensure Online Security And Device Safety - Asume Tech
U.S. State Department phones hacked with Israeli company spyware – sources - Data Breaches Net
Why responsibility for ransomware sits at the top - ITWire
