NEWS: Dezembro (19/12 - 25/12) - 51 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!

25/12
AvosLocker Ransomware Uses AnyDesk in Safe Mode to Launch - The Headlines of Today
Cert-In discovered a new Ransomware virus disseminated via e-mail - The Digital Hacker
Deep Web vs Dark Web: Understanding the Differences - The Teal Mango
French IT Services Firm Hit by Ransomware Attack - Gov Info Security
Online Threat! Hackers are sending more and more SMS - Spark Chronicles
Should You Block All Monero-Related Domains? Crypto Scams Set To Rise in 2022 - Hacker Noon
Spiderman No Way Home Movie Download Could Land You in Phishing Trap - Sakshi post
There's no such thing as sensitive data - Data Center Dynamics
24/12
4 Ways To Strengthen Your Company’s Cybersecurity Infrastructure To Prevent An Attack - Forbes
5 cybersecurity trends to look out for in 2022 - ITP Net
Albania: Worries grow over personal data breach, as second leaked document distributed - Tirana Times
Albania's Prime Minister Issues Data Leak Apology - InfoSecurity Magazine
Android banking trojan spreads via fake Google Play Store page - Bleeping Computer
Attackers bypass Microsoft security patch to drop Formbook malware - HackRead
Blackmagic fixes critical DaVinci Resolve code execution flaws - Bleeping Computer
Consumer Data Breach Alert: Arthur J. Gallagher & Company - JD Supra
Cryptominers hit 'Spider-Man: No Way Home' fans while torrenting - Sify
Cybersecurity Considerations When Powering Retail IT Systems - Retail Touch Points
Data Breach Alert: Newbridge Securities Corporation - JD Supra
'Diavol' Ransomware Virus Hacks PC Via Email, And Blackmails You To Pay Money - India Times
Double check the message: Malicious actors are impersonating pharma companies - Digital journal
Five Eyes intelligence agencies warns millions at risk as hackers exploit mutating Log4Shell bug - 7News
Global IT services provider Inetum hit by ransomware attack - Bleeping Computer
Hellmann Warns Customers They Could Face Malicious Communications Following Attack - InfoSecurity Magazine
How AI-powered fraud and aggressive ransomware could dominate 2022 - Information Age
New BLISTER Malware Using Code Signing Certificates to Evade Detection - The Hacker News
New Ransomware Variants Flourish Amid Law Enforcement Actions - The Hacker News
NVIDIA apps affected by Log4j vulnerability - Bryt Fm online
Rook ransomware is yet another spawn of the leaked Babuk code - Bleeping Computer
Singapore: OCBC Bank cautions public about SMS phishing scams after customers lose $140,000 in 10 days - The Business Times
Steps you can take today to mitigate the potential of employee data breaches - News From Wales
T-Mobile says Scam Shield has blocked 21 billion scam calls in 2021 - Nation LK
Ubisoft Data breach hits Just Dance Players - Pro Privacy
Unique Cyber-Attacks Fall for First Time Since 2018 - InfoSecurity Magazine
Volvo Security Breach Led to R&D Data Theft by ‘Snatch’ Threat Actors - CPO Magazine
23/12
A flaw in Microsoft Azure App Service exposes customer source code - Security Affairs
Alibaba Suffers Government Crackdown Over Log4j - InfoSecurity Magazine
Apache's new security update for HTTP Server fixes two flaws - ZDNet
APWG’s eCrime 2021 Symposium Shows Cybercrime Evolving - Security Boulevard
Best of 2021 – Combating COMB: 3.2 billion credentials leaked in breach compilation - Security Boulevard
CISA, FBI and NSA Publish Joint Advisory and Scanner for Log4j Vulnerabilities - The Hacker News
CISA Releases Free Scanner to Spot Log4j Exposure - InfoSecurity Magazine
Consumers Warned of Surging Delivery Text Scams Ahead of Christmas - InfoSecurity Magazine
Correios viram alvo de hackers e site está fora do ar - Tudo Celular
Could passwordless be the solution to poor shopping sign-up processes? - Help Net Security
Five cybersecurity predictions for 2022 and beyond - Help Net Security
HackDHS bug bounty program accepts reports of Log4j-related flaws in DHS systems - Security Affairs
Hackers que invadiram Ministério de Saúde atacam Correios - Poder 360
Hackers raspam conta de ONG que cuida de dependentes químicos - Metropoles
How PYSA and Lockbit are Dominating the Ransomware Landscape - CISO Mag
If Your Disclosure of a Data Breach Was “Late,” You May Have to Litigate - Data Breaches Net
IoT SAFE — An Innovative Way to Secure IoT - The Hacker News
Log4Shell is a dumpster fire that should have been avoided - Help Net Security
Pain and Suffering for a Data Breach? German Court Issues First Decision of Its Kind in Europe - Data Breaches Net
PCI SSC updates its device security standard for HSMs - Help Net Security
This new ransomware has simple but very clever tricks to evade PC defenses - ZDNet
Three trivial bugs in Microsoft Teams Software remain unpatched - Security Affairs
Up to 120,000 Cops May Have Legal Claim Over 2019 Breach - InfoSecurity Magazine
Watch out for Christmas 2021 credential stuffing attacks! - Help Net Security
22/12
4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories - The Hacker News
A new version of the Abcbot bot targets Chinese cloud providers - Security Affairs
Attackers bypass Microsoft patch to deliver Formbook malware - Help Net Security
China suspends deal with Alibaba for not sharing Log4j 0-day first with the government - The Hacker News
CISA releases Apache Log4j scanner to find vulnerable apps - Bleeping Computer
Conti ransomware is exploiting the Log4Shell vulnerability to the tune of millions - TechRepublic
Cybercriminals shifting focus: IT sector most targeted in 2021 - Help Net Security
Dridex malware trolls employees with fake job termination emails - Bleeping Computer
DuckDuckGo developing a robust privacy-focused desktop browser - HackRead
Ghana govt agency exposed 700k citizens’ data in a database mess up - HackRead
How confident can organizations be in their managed services security? - Help Net Security
Iranian Nation-State Adversaries Exploit Log4j Flaw Against Israeli Firms - CISO Mag
“Melding IT and OT Systems Can Create New Attack Vectors and Surfaces” - CISO Mag
Meta warns 50,000 users about ‘surveillance-for-hire’ firms targeting them - The Digital Hacker
Microsoft Teams bug allowing phishing unpatched since March - Bleeping Computer
Monongalia Health System notifies patients and employees of data breach - Data Breaches Net
NIST Password Guidelines 2021: Challenging Traditional Password Management - Security Boulevard
NVIDIA discloses applications impacted by Log4j vulnerability - Bleeping Computer
Open-source software holds the key to solving Log4Shell-like problems - Help Net Security
PYSA ransomware gang is the most active group in November - Security Affairs
Ransomware Empire: Who might blackmail your company? - Help Net Security
Russian Cyber Exec Extradited After Alleged Trading Conspiracy - InfoSecurity Management
Salesforce CTO talks e-commerce cybersecurity threat trends for 2022 - Help Net Security
Security Operations Center (SOC) Performance Falling Short - Security Boulevard
Site da Prefeitura de Brumadinho é invadido por hackers, que deixam vídeo com ameaças a mineradora - G1
Software flaws in walk-through metal detectors made them hackable - HackRead
The gift that keeps on giving: 7 tips to avoid cyber security threats - Security Boulevard
This ransomware strain just started targeting lots more businesses - ZDNet
Ubisoft Reveals Player Data Breach Came from User Error - InfoSecurity Management
US Returns $150m to Sony After Employee BEC Attack - InfoSecurity Management
21/12
5 Application Security Standards You Should Know - Security Boulevard
6 top cybersecurity trends from 2021 and their impact on 2022 - Help Net Security
Belgian defense ministry admits attackers accessed its computer network by exploiting Log4j vulnerability - Data Breaches Net
Best of 2021 – 10 Major Cyber Attacks Witnessed Globally in Q1 2021 - Security Boulevard
Best of 2021 – Leaked Data of Domino’s India Available on Search Engine - Security Boulevard
Ca: Big White issues data breach alert - Data Breaches Net
Combating identity fraud: The key is to avoid stagnation - Help Net Security
Cyber insurance trends: Insurers and insurees must adapt equally to growing threats - Help Net Security
Cybersecurity budgets surge, as skills gap wreaks havoc on 2022 plans - Help Net Security
Data breaches reported so far this year have surpassed full-year 2020 - Data Breaches Net
F-Secure uses flaw in at-home COVID-19 test to fake results - Tech Republic
FBI: Hackers are actively exploiting this flaw on ManageEngine Desktop Central servers - ZDNet
Garrett walk-through metal detectors can be remotely manipulated - Bleeping Computer
Hackers invadem sites do governo e vendem senhas de servidores de órgãos públicos - Agora Notícias Brasil
Hackers invadem sites do governo e vendem senhas de servidores de órgãos públicos - O Globo
How familiar are consumers with data protection best practices? - Help Net Security
HSE given stolen data, including medical records, taken by criminals during cyber attack in May - Data Breaches Net
Joker Malware Resurfaces; Over 500,000 Android Users Affected - CISO Mag
Log4j flaw: 10 questions you need to be asking - ZDNet
Log4j Vulnerability Aftermath - Security Affairs
Log4Shell enumeration, mitigation and attack detection tool - Help Net Security
Meta Platforms processa hackers que se passavam por Facebook, Instagram e WhatsApp - Olhar Digital
Meta Sues to Disrupt Prolific Phishing Campaign - InfoSecurity Magazine
Microsoft Warns of Active Directory Vulnerabilities - CISO Mag
More than 35,000 Java packages impacted by Log4j flaw, Google warns - Security Affairs
New Zero Day in ManageEngine Desktop Central Servers Identified - CISO Mag
Patch these 2 Active Directory flaws to prevent the takeover of Windows domains - Security Affairs
Police found 225 million stolen passwords hidden on a hacked cloud server. Is yours one of them? - ZDNet
Police National Computer not pwned by Clop ransomware crims, insists Home Office - Data Breaches Net
Rethinking cybersecurity becomes imperative as devices and apps move away from physical offices - Help Net Security
Russian hackers made millions by stealing SEC earning reports - Bleeping Computer
Scam Phishing Network Costs Victims $80m Per Month - InfoSecurity Magazine
Secret Backdoors Found in German-made Auerswald VoIP System - The Hacker News
The Analyst Prompt #42: Ransomware Attacks Not Letting Up as 2021 Draws to a Close - Security Boulevard
Top 7 common Cybersecurity Myths — Busted - The Hacker News
Tropic Trooper Cyber Espionage Hackers Targeting Transportation Sector - The Hacker News
Two backdoors detected in Auerswald VoIP ystem - HackRead
Ubisoft confirms Just Dance data breach amid developer exodus - ZDNet
UK British Council Struck by Two Ransomware Attacks in Five Years - InfoSecurity Magazine
UK Cyber Cops Share 225 Million Passwords with Breach Site - InfoSecurity Magazine
Understanding Software Supply Chain and How to Secure It - HackRead
US returns $154 Million in bitcoins stolen by Sony employee - Bleeping Computer
Why the updated OWASP Top 10 list can’t be addressed by WAF? - Help Net Security
Windows 10 21H2 adds ransomware protection to security baseline - Bleeping Computer
20/12
4 Ways Cybercriminals Exploit Remote Teams - HackRead
14 cybersecurity predictions for 2022 and beyond - MIT Technology Review
$30 million stolen from Grim Finance, audit firm blames new hire for vulnerability - ZDNet
After ransomware attack, global logistics firm Hellmann warns of scam calls and mail - ZDNet
Ataque de hackers derruba sistemas e exclui dados da PF e PRF - R7
Avast found backdoor in US Federal Agency Network - HackRead
Belgian Defense Ministry confirms cyberattack through Log4j exploitation - ZDNet
CISA Issues Emergency Directive on Log4j - Security Boulevard
Conveyancing IT crash - company slammed for ‘wall of silence’ - Estate Agent Today
Cyber-Attack Impacts Aussie Companies - InfoSecurity Magazine
Cybercriminals exploit Spiderman: No Way Home popularity to spread malware, push phishing scams: Report - The Hindu Business Line
Cybersecurity company identifies months-long attack on US federal commission - ZDNet
DarkWatchman RAT uses Windows Registry fileless storage mechanism - Security Affairs
Data stolen from Police National Database disappears from dark web - Tech Monitor
Desjardins settles data breach suit for a maximum CA$201m - Coop News
Execs Get 16+ Years After SBA Fraud Scheme - InfoSecurity Magazine
Experts Discover Backdoor Deployed on the U.S. Federal Agency's Network - The Hacker News
FBI: State hackers exploiting new Zoho zero-day since October - Bleeping Computer
GoTestWAF: Open-source project for evaluating web application security solutions - Help Net Security
Hackers, bogus charities and ‘phishing’ emails among Christmas scams reported in Warwickshire - Rugby Observer
Hackers são condenados por falsificação de documento em sistema processual - Consultor Juridico
Healthcare provider Texas ENT alerts 535,000 patients to data breach - The Daily Swig
How can AI be made more secure and trustworthy? - Help Net Security
How likely are employees to fall prey to a phishing attack? - Help Net Security
How will cyber threats evolve in 2022? Here’s what experts say - Mint Lounge
Insider Threats: Protecting from Within - InfoSecurity Magazine
Introducing ‘killware’ — malware designed to contaminate, disrupt critical services - The Last Watchdog
IoT, cryptocurrency may spur more attacks in 2022 — Palo Alto Networks - Back End News
Log4j vulnerability now used to install Dridex banking malware - Bleeping Computer
Meta Sues Hackers Behind Facebook, WhatsApp and Instagram Phishing Attacks - The Hacker News
Microsoft warns of easy Windows domain takeover via Active Directory bugs - Bleeping Computer
New DarkWatchman malware spread through phishing emails on Windows machines: What we know so far - India Today
New Hancitor Malware Loader Delivers Malware Via Clipboard - LHN
New Mobile Network Vulnerabilities Affect All Cellular Generations Since 2G - The Hacker News
New Log4j Patch Released to Fix DoS Flaw - InfoSecurity Magazine
Over 300 victims lose $760,000 to phishing scams related to delivery firms - The Straits Times
Phishing Attacks Getting Sneakier - Ericom Blog
Ransomware attack on Kronos impacts paychecks, log-in timesheets of employees of several firms - India Today
Ransomware Gang Publish Confidential Police Data on the Dark Web - InfoSecurity Magazine
Rise in Ottawa-area cyberattacks tied to dark web and new wave of criminals - Ottawa Citizens
Robocalls More Than Doubled in 2021, Cost Victims $30B - ThreatPost
Ruled by algorithms, gig workers remain powerless against automated decision-making - ZDNet
Scammers grabbed $7.7 billion worth of cryptocurrency in 2021, say researchers - ZDNet
Shifting security further left: DevSecOps becoming SecDevOps - Help Net Security
Synthetic identity fraud: What is it, and why is it harmful? - Tech Republic
The cybersecurity executive order is not all it’s cracked up to be - Help Net Security
The Log4j saga: New vulnerabilities and attack vectors discovered - Help Net Security
Tech Companies to Protect Data on Undersea Cable - InfoSecurity Magazine
UK govt shares 585 million passwords with Have I Been Pwned - Bleeping Computer
Ukrainian War Games Test Electricity Grid - InfoSecurity Magazine
Zero trust isn’t just for IT, it can also protect targeted critical infrastructure - Help Net Security
19/12
2021 Cyber Review: The Year Ransomware Disrupted Infrastructure - Government Technology
Blackmail group Conti uses “Log4Shell” vulnerability for its ransomware - Market Research Telecast
Caution: Log4j and TellYouThePass ransomware are attacking your servers! - Best Gaming Pro
Correos explains how to avoid being scammed this Christmas - Euro Weekly
Crypto Security in 2022: Prepare for More DeFi Hacks, Exchange Outages, and Noob Mistakes - Crypto News
Crypto Users Should Prepare For More Security Threats In 2022 - Bankless Times
Difficult to determine full blast radius of Internet bugs: Google - The Siasat Daily
Grim Finance hacked – $30 million worth of tokens stolen - HackRead
Hackensack Healthcare Providers Settle Investigation with OAG Following Two Data Breaches - Tap into Hackensack
Hive: A terribly lively ransomware franchise - Tech Gaming Report
Lessons India Can Draw From Sri Lanka’s Efforts With Data Protection Legislation - Wire
Meta bans cyber spying firms from its platforms - KBC
NASA: Mars helicopter Ingenuity does not use Log4j - Market Research Telecast
New cyberespionage campaign discovered, possibly linked to Iran - Israel Defense
New stealthy DarkWatchman malware hides in the Windows Registry - Bleeping Computer
Pro Wrestling Tees Issues Out Statement To Customers Following Data Breach - Wrestling Inc
Pro Wrestling Tees Suffers Security Breach, Statement Released - EWrestling News
'Residents should be wary' Councils issue warning on Amazon scam ahead of Christmas - Express
Return of Emotet lights up warning of new ransomware attacks - Play Crazy Game
Russian hackers leak confidential UK police data on the 'dark web' after their ransom was rejected - Mail Online
The biggest cyber hacks of 2021 - Coin Rivet
Urgent Phishing Alert: Warn Your Customers Against AdultFriendFinder Cons Today - Adotas