NEWS: Dezembro (12/12 - 18/12) - 50 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!

18/12


Apache Issues 3rd Patch to Fix New High-Severity Log4j Vulnerability - The Hacker News


Apache Log4j: New Attack Vectors, Ransomware Seen - Bank Info Security


Conti Ransomware Group Exploiting Log4j Vulnerability - HackRead


German audio tech giant Sennheiser exposed 55GB of customers’ data - HackRead


Hall County’s ‘crippling’ cyberattack last year cost $1.7M. Here’s what else we’ve learned since then - Gainesville Times


How to Successfully Handle Press Releases After a Data Breach - Purple Revolver


Mean Time To Detect (MTTD) - Business 2 Community


New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability - The Hacker News


Privacy Commissioner Notified After Data Breach At Five Counties Children’s Centre - Kawartha 411


Ransomware persists even as high-profile attacks have slowed - Independent


Rising ransomware attacks doubles premium for cyber cover - The Times Of India

Telcos Are on Phishers’ Radar, Who Is at Risk? - CircleID


The game of fraud also runs in the name of Cryptocurrency! In this way you can make safe investments - Enter 21st


Three-fourths of organisations in India have been hit by ransomware threat this year: Report - The Hindu Business Line


Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS - Bleeping Computer



17/12


All Log4j, logback bugs we know so far and why you MUST ditch 2.15 - Bleeping Computer


Android malware warning: Over 500,000 users have been infected after downloading this app from Google Play - ZDNet


Attacks on UK Firms Increase Five-Fold During Pandemic - InfoSecurity Magazine


B&K Issues Cyber-attack Notice - InfoSecurity Magazine


CISA: Federal agencies must immediately mitigate Log4J vulnerabilities - ZDNet


CISA: Prepare Now for Holiday Cyber Onslaught - InfoSecurity Magazine


Conti ransomware uses Log4j bug to hack VMware vCenter servers - Bleeping Computer


Credit card info of 1.8 million people stolen from sports gear sites - Bleeping Computer


Digital IDs don’t have to impinge on civil liberties and privacy - Help Net Security


Facebook Bans 7 'Cyber Mercenary' Companies for Spying on 50,000 Users - The Hacker News


Google unleashes security 'fuzzer' on Log4Shell bug in open source software - ZDNet


How to Prevent Customer Support Help Desk Fraud Using VPN and Other Tools - The Hacker News


Immudb: Open-source database, built on a zero trust model - Help Net Security


Log4j: Major IT vendors rush out fixes for this flaw and more ahead of Christmas - ZDNet


Logistics giant warns of BEC emails following ransomware attack - Bleeping Computer


Meta: Surveillance-for-Hire Firms Hit 50,000 Victims - InfoSecurity Magazine


New PseudoManuscrypt Malware Infected Over 35,000 Computers in 2021 - The Hacker News


Ole Miss Students Charged with Cyber-stalking - InfoSecurity Magazine


Ransomware affects the entire retail supply chain this holiday season - ZDNet


Security firm Blumira discovers major new Log4j attack vector - ZDNet


Spider-Man Fans Warned About Scams Leveraging New Movie - InfoSecurity Magazine


TellYouThePass ransomware revived in Linux, Windows Log4j attacks - Bleeping Computer


This company was hit with ransomware, but didn't have to pay up. Here's how they did it - ZDNet


This image looks very different on Apple devices — see for yourself - Bleeping Computer


US emergency directive orders govt agencies to patch Log4j bug - Bleeping Computer


Want to assemble a cyber Dream Team? Look back at the ‘92 Olympics - Help Net Security


Why is a well thought-out approach to cloud migration imperative? - Help Net Security



16/12


3 Ways ZTNA Improves Remote Access Security - Security Boulevard


4 Ways IP Data Can Help Fight Cybercrime - Security Boulevard


60% of UK Workers Have Been Victim of a Cyber-Attack, Yet Awareness Remains Low - InfoSecurity Magazine


Adoption of private 5G networks accelerates, as organizations look to improve security and speed - Help Net Security


All Change at the Top as New Ransomware Groups Emerge - InfoSecurity Magazine


Brazil investigates use of staff credentials in cyberattacks against government bodies - ZDNet


CISA, White House urge organizations to get ready for holiday cyberattacks - ZDNet


CVE-2021-44228: The Log4Shell Vulnerability - Security Boulevard


Europe’s quantum communication plans: Defending against state-sponsored cyber attacks - Help Net Security


Experts: All Breach Victims Should Freeze Credit - InfoSecurity Magazine


Facebook has taken a significant step to combat data scraping vulnerabilities - The Digital Hacker


Firefox users can't reach Microsoft.com — here's what to do - Bleeping Computer


Flaws in Lenovo laptops allow escalating to admin privileges - Security Affairs


France Orders Clearview AI to Delete Data - InfoSecurity Magazine


Google Calendar now lets you block invitation phishing attempts - Bleeping Computer


Google: This zero-click iPhone attack was incredible and terrifying - ZDNet


Gumtree classifieds site leaked personal info via the F12 key - Bleeping Computer


Hive ransomware enters big league with hundreds breached in four months - Bleeping Computer


How to implement security into software design from the get-go - Help Net Security


Lenovo laptops vulnerable to bug allowing admin privileges - Bleeping Computer


Log4j flaw: This new threat is going to affect cybersecurity for a long time - ZDNet


Microsoft: Khonsari ransomware hits self-hosted Minecraft servers - Bleeping Computer


New Fileless Malware Uses Windows Registry as Storage to Evade Detection - The Hacker News


New Jersey Cancer Care Providers Settle Data Breach Claim - InfoSecurity Magazine


Online Shoppers Could Face Eight Million Credential Stuffing Attacks Per Day Over Christmas - InfoSecurity Magazine


Online shopping at risk: Mobile application and API cyber attacks at critical high - Help Net Security


Phorpiex botnet returns with new tricks making it harder to disrupt - Bleeping Computer


Regulator: Venues Must Protect User Privacy During COVID19 Checks - InfoSecurity Magazine


Researchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth Chips - The Hacker News


Security priorities are geared toward ongoing remote and hybrid work - Help Net Security


Suspected Iranian hackers target airline with new backdoor - ZDNet


The Guide to Automating Security Training for Lean Security Teams - The Hacker News


The impact of the Log4j vulnerability on OT networks - Help Net Security


Trust in Legacy Vendors Sinks as Ransomware Spikes - Security Boulevard


US and Australia Enter CLOUD Act Agreement - InfoSecurity Magazine


Variant of Phorpiex botnet used for cryptocurrency attacks in Ethopia, Nigeria, India and more - ZDNet



15/12


After theft of $77.7 million, victim AscendEX to reimburse customers - ZDNet


DHS announces its ‘Hack DHS’ bug bounty program - Security Affairs


DHS Launches Bug Bounty Program - InfoSecurity Magazine


ExpressVPN Now Comes with Protection Against Log4Shell Vulnerability - TechNadu


Find Hidden AirTags Using Apple’s New Android Tracker Detect App - TechNadu


Foundational cloud security with CIS Benchmarks - Help Net Security


Government Experts in Last Minute Seasonal Scam Warning - InfoSecurity Magazine


Grindr Fined €6.5m for Selling User Data Without Explicit Consent - InfoSecurity Magazine


How healthcare providers handle safeguards to protect payment and PII - Help Net Security


How to Determine if Your Network Security is Working - Security Boulevard


Leveraging AIOps for a holistic view of network performance and security - Help Net Security


Log4j flaw: Now state-backed hackers are using bug as part of attacks, warns Microsoft - ZDNet


Log4j Looms Large Over Patch Tuesday - InfoSecurity Magazine


Log4j vulnerability: Why your hot take on it is wrong - TechRepublic


Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations - Help Net Security


Meta targets user information, database scraping in bug bounty expansion - ZDNet


Multiple Nation-State actors are exploiting Log4Shell flaw - Security Affairs


New "Hack DHS" program will pay up to $5,000 for discovered vulnerabilities - ZDNet


Owowa, a malicious IIS Server module used to steal Microsoft Exchange credentials - Security Affairs


Password offenders: Who’s the naughtiest of them all? - Help Net Security


Passwordless verification API transforms every mobile phone into a security token for zero trust access - Help Net Security


Ransomware in 2022: We're all screwed - ZDNet


Singapore-South Korea digital economy deal to sync up on data, payments - ZDNet


The cyber risk future doesn’t look good, but organizations are ready - Help Net Security


UK's New Cyber Strategy Designed to Boost Position as "Global Cyber Power" - InfoSecurity Magazine


U.S. Consumers Lost $148 million to Gift Card Scams in 2021 - CISO Mag


Victims awarded $18 million in GirlsDoPorn online video case, boss on the run - ZDNet


Web App Attacks Surge 251% in Two Years - InfoSecurity Magazine


When Not to Trust Zero-Trust - Security Boulevard


While attackers begin exploiting a second Log4j flaw, a third one emerges - Security Affairs


Why are data professionals investing in data governance programs? - Help Net Security



14/12


Adobe addresses over 60 vulnerabilities in multiple products - Security Affairs


Além da Saúde, CGU, PRF e IFPR também confirmaram invasão por grupo hacker - G1


Anubis Android malware returns to target 394 financial apps - Bleeping Computer


Apple AirTag Android App is Absolutely Awful—Tracker Detect Fail - Security Boulevard


Billion-dollar natural gas supplier Superior Plus hit with ransomware - ZDNet


Brazilian Ministry of Health hit by second cyberattack in less than a week - ZDNet


Christmas Payroll Fears After Ransomware Hits Software Provider - InfoSecurity Magazine


CISA orders federal agencies to patch Log4Shell by December 24th - Bleeping Computer


Cyberattacks in 2022 Will Look Familiar - Security Boulevard


Cyberattack on BHG opioid treatment network disrupts patient care - Bleeping Computer


Employees think they’re safe from cyberthreats on company devices - Help Net Security


Enterprise email encryption without friction? Yes, it’s possible - Help Net Security


EU Parliament adopts Digital Services Act, but concerns persist - Bleeping Computer


Experts: Log4j Bug Could Be Exploited for “Years” - InfoSecurity Magazine


Google fixed the 17th zero-day in Chrome since the start of the year - Security Affairs


Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware - The Hacker News


Hackers steal Microsoft Exchange credentials using IIS module - Bleeping Computer


How Extended Security Posture Management Optimizes Your Security Stack - The Hacker News


How organizations analyze data to source insights that inform business decisions - Help Net Security


How to thwart SIM swapping attacks? - Help Net Security


Hybrid work is dead, long live “work” - Help Net Security


iOS 15.2’s App Privacy Report: How to turn it on, and what it all means - ZDNet


LastPass to Become Standalone Company - InfoSecurity Magazine


Log4j flaw could be a problem for industrial networks 'for years to come' - ZDNet


Log4j flaw: Nearly half of corporate networks have been targeted by attackers trying to use this vulnerability - ZDNet


Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency - ZDNet


Log4j: List of vulnerable products and vendor advisories - Bleeping Computer


Log4j zero-day flaw: What you need to know and how to protect yourself - ZDNet


Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flaws - Bleeping Computer


Microsoft December 2021 Patch Tuesday: Zero-day exploited to spread Emotet malware - ZDNet


Microsoft fixes Windows AppX Installer zero-day used by Emotet - Bleeping Computer


Microsoft releases end-to-end encryption for Teams calls - ZDNet


Modern cars: A growing bundle of security vulnerabilities - Help Net Security


Police Arrest Suspected Ransomware Actor in Romania - InfoSecurity Magazine


Practical coexistence attacks on billions of WiFi chips allow data theft and traffic manipulation - Security Affairs


Preparing for Evolving Phishing Scams - Security Boulevard


Ransomware hits HR solutions provider Kronos, locking customers out of vital services - Help Net Security


Significant Disconnect Between SOC Leaders and Staff - InfoSecurity Magazine


TAG to Open New Global Headquarters - InfoSecurity Magazine


Teleport Adds Windows Support to Infrastructure Security Gateway - Security Boulevard


TinyNuke banking malware targets French organizations - Security Affairs


US CISA orders federal agencies to fix Log4Shell by December 24th - Security Affairs


WAF, RASP and Log4Shell - Security Boulevard


WhatsApp New Privacy Update Hides Your Status and Activity From Strangers - TechNadu


Windows 11 KB5008215 update released with application, VPN fixes - Bleeping Computer



13/12


7 Cloud Vulnerabilities Endangering Your Data! - Security Boulevard


Arrest in Romania of a ransomware affiliate scavenging for sensitive data - Data Breaches Net


Ascendex has lost $77 million worth of RC20, BSC, and Polygon tokens to cyberattack - HackRead


Attackers can get root by crashing Ubuntu’s AccountsService - Bleeping Computer


Bugs in billions of WiFi, Bluetooth chips allow password, data theft - Bleeping Computer


Building Blocks of the Widely Used Qakbot Banking Trojan outlined by Microsoft - The Digital Hacker


Can Your IAST Do This? - Security Boulevard


Canadian federal privacy commissioner says BMO security breach in 2017 affected 113,000 client accounts - Data Breaches Net


CISA adds Log4Shell Log4j flaw to the Known Exploited Vulnerabilities Catalog - Security Affairs


CSAM Found on LSU Professor’s Computer - InfoSecurity Magazine


Darknet operators of “cyber bunker” convicted and sentenced in Germany - Data Breaches Net


Database security market to reach $16,273.8 million by 2028 - Help Net Security


Did Snatch Ransomware Snitch Volvo Cars R&D Data? - CISO Mag


Digital Payment Platform might go through changes as indicated by the RBI Governor - The Digital Hacker


Discerning the scope of a serious Log4j security flaw - The Digital Hacker


EV certificate usage declining: Is the internet becoming more secure? - Help Net Security


Hackers Compromise PM Modi’s Twitter Account To Publish a Bitcoin Post - CISO Mag


Hacker-powered pentests gaining momentum - Help Net Security


How C-suite executives perceive their organizations’ readiness for ransomware attacks - Help Net Security


How Cybersecurity Awareness Shifted in 2021 - Security Boulevard


How SASE Enables and Secures 5G Networks - Security Boulevard


How worried should organizations be about their phishing click rate? - Help Net Security


Karakurt: A New Emerging Data Theft and Cyber Extortion Hacking Group - The Hacker News


Latest Apple iOS Update Patches Remote Jailbreak Exploit for iPhones - The Hacker News


Lewis & Clark Community College to resume classes from Tuesday in the midst of ransomware attack - The Digital Hacker


Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability - ZDNet


Log4j zero-day flaw: What you need to know and how to protect yourself - ZDNet


Log4Shell was in the wild at least nine days before public disclosure - Security Affairs


Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation - Help Net Security


Log4Shell was in the wild at least nine days before public disclosure - Security Affairs


Malicious PyPI packages with over 10,000 downloads taken down - Bleeping Computer


Microsoft Details Building Blocks of Widely Active Qakbot Banking Trojan - The Hacker News


Police arrests ransomware affiliate behind high-profile attacks - Bleeping Computer


Ransomware Affiliate Arrested in Romania; 51 Stolen Data Brokers Arrested in Ukraine - The Hacker News


“Sadistic” Online Extortionist Jailed for 32 Years - InfoSecurity Magazine


Site da Câmara de Vereadores do Rio sai do ar após ataque hacker - G1


Świętokrzyskie: Personal data leaked from the commune office in Nowiny - Data Breaches Net


Top 3 SaaS Security Threats for 2022 - The Hacker News


Two Linux botnets already exploit Log4Shell flaw in Log4j - Security Affairs


Ukraine arrests 51 for selling data of 300 million people in US, EU - Bleeping Computer


Ultimate guide to the CCSP: Build the most needed skill in cybersecurity - Help Net Security


Unused identities: A growing security threat - Help Net Security


Virginia legislative agencies and commissions hit with ransomware attack - ZDNet


Why is trust in legacy vendors on shaky ground? - Help Net Security


Woman finds medical records stacked next to recycling bin in Sharpstown neighborhood - Data Breaches Net


Worldwide Log4j Attacks That Can Deploy Malware Affect Steam, Minecraft, and iCloud - TechNadu


“Worst-Case Scenario” Log4j Exploit Travels the Globe - InfoSecurity Magazine


12/12


4 Philippine government agencies among prime targets of ‘China-sponsored’ spies, says US cyber firm - Manila Bulletin


5 tips to help seniors avoid scams this holiday season - Boston Herald


Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack - The Hacker News


BadgerDAO reveals cause behind exploit, details recovery plan - AMBCrypto


BDO clients lose money due to alleged online banking hack - Rappler


Beware! New Gmail email threat is here along with Omicron! Know how to avoid - Hindu Time


Brazil Health Ministry Website Targeted by Hackers, COVID-19 Vaccine Data At Risk - News18


Crypto Bot Trading Alert - San Francisco Examiner


Cyber security breach could target nearly all companies: Cyber watchdog - NL Times


Cybersecurity firm gives tips to confidently shop online - SunStar


Digital Assets Are Facing An Increasing Security Threat; How Can Corporations and Individuals Mitigate this Risk? - Recently Heard


DVLA scam: DVLA issues urgent warning to motorists - North Wales Chronicle


How to protect your financial data as the Cabinet Office is fined £500k for address leaks - Express


Log4j RCE activity began on December 1 as botnets start using vulnerability - ZDNet


Log4Shell: This dangerous exploit can affect everything from Apple to Minecraft - Giz China


Main cyber security technology predictions for 2022 - InfoTech Lead


Microsoft Asks Windows Users to Share Potentially Insecure Drivers - PC Magazine


Phishing attacks in Brazil grow 41% in 2021 - Play Crazy Game


Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw - Security Affairs


Russian National Sentenced for Providing Crypting Service for Kelihos Botnet - Imperial Valley News


Schools face increasing risk of cyberattacks - Riverhead News Review


The Brazilian Ministry of Health’s website was hacked, and vaccination data was stolen - Nokia News


The Ongoing Evolution of Modern Ransomware - Tahawultech


Top 10 Cybersecurity Challenges to be Prepared for in 2022 - Analytics Insight


Trickbot rebirths Emotet: 140,000 Victims in 149 countries in 10 months - Zawya


Types of Cyber Threats and How to Prevent Them - The Next Hint


Understanding Cybersecurity in a Work From Home World - My Background Check


Volvo Data Breach: A Cause for Concern? - Pirate Press


NEWS: Dezembro (05/12 - 11/12) - 49 Semana de 2021


Who am I...

Apenas um amante da tecnologia e da Segurança da Informação. Hacker ? Até que prove ao contrário não.. Profissional ? Sim.. Mais de 20 anos no mercado de Segurança da Informação sempre atuando em grandes Empresas.

 

Levantando a bandeira de que hacker é um profissional e especialista naquilo que ele faz. Hacker é um especialista, um pesquisador, um profissional como outro qualquer.

Skatista, músico e fotógrafo de instagram nas horas vagas....

Procurar por Tags
Pelo Mundo Afora...
  • Twitter Social Icon
  • LinkedIn Social Icon