NEWS: Janeiro (02/01 - 08/01) - 01 Semana de 2022
Cyber Security and Information Security News - Daily Updates !!

08/01
7 Highly Effective Ways To Prevent Those Unexpected Zero-Day Attacks - News AKMI
Be aware of this password stealing banking malware - The Digital Hacker
Cyber scams: Australians lost $ 33 billion to online criminals - Bolly inside
FlexBooker says sorry for a data breach that exposed 3.7 million user details as well as partial credit card details - Best Gaming Pro
Flubot Android malware is back, popularized as fake flash players - RS News
Insider vs. Outsider Threats: Which Is Worse? - Make USe Of
Kuwait webs in grip of hackers - Arab Times
Online scam academies are offering classes on how to defraud people - Gent Side
Plugging the holes: How to avoid data breaches in 2022 - Apple Magazine
Ransomware attack shuts thousands of school websites globally - MenaFN
Trojanized dnSpy app drops malware cocktail on researchers, devs - Bleeping Computer
Warning from Martin Lewis over mistake when dealing with scam emails and texts - Wales Online
07/01
3.7M FlexBooker Records Dumped on Hacker Forum - ThreatPost
CES 2022 Puts Spotlight On How Governments, Businesses Can Prevent Cyberattacks - TechTimes
Cyber Security: How to protect yourself in 2022 - Financial Express
Cyber-Attack on New Mexico County - InfoSecurity Magazine
Cyberattackers Hit Data of 80K Fertility Patients - ThreatPost
EHR Vendor QRS Faces Lawsuit After Healthcare Cyberattack - Health IT Security
Facebook and WhatsApp users warned to change passwords after rise in phishing scams - Worksop Guardian
FBI: Hackers use BadUSB to target defense firms with ransomware - Bleeping Computer
FinalSite ransomware attack shuts down 5000 school sites - Education Technology
FlexBooker apologizes for breach of 3.7 million user records, partial credit card information - ZDNet
Grass Valley reveals extent of data breach - Yuba Net
Hotel Chain Converts Windows PCs To Chrome OS After Ransomware Attack - Ubergizmo
Lancashire residents given warning about Covid passport scam - LancsLive
Log4J-Related RCE Flaw in H2 Database Earns Critical Rating - ThreatPost
Majority of Americans say ransomware attacks should be considered terrorism - ITPro
Martin Lewis issues important scam warning to people across the UK - Redditch Advertiser
Medical Review Institute of America Notifies Patients of Data Breach - Business Wire
Nordic Choice Hotels Changes Windows to Chrome OS After Ransomware Attack - Tech Times
Norwegian Media Company Amedia Suffered a Serious Cyber Attack That Left Newspapers Unprinted - CPO Magazine
OG department store customers' personal details leaked in data breach - Asia One
Pupils receive each others' Covid results in school data breach - Computing
QNAP: Get NAS Devices Off the Internet Now - ThreatPost
QNAP warns of ransomware targeting Internet-exposed NAS devices - Bleeping Computer
Ransomware attack affected websites of 5,000 schools - CNN Politics
Recent Settlements and Penalties Show Perils of Data Breaches - JDSupra
Scheduling Platform FlexBooker Discloses Data Breach Affecting 3.7 Million Accounts - Gizmodo
Simple Active Directory tweak helps block BlackMatter ransomware attacks - ITPro
Supply chain cybersecurity: Pain or pleasure? - Help Net Security
Thousands of Schools Impacted After IT Provider Hit by Ransomware - InfoSecurity Magazine
US counterintelligence shares tips to block spyware attacks - Bleeping Computer
Zero Trust Is More Important Than Ever, Security Practitioners Earn - SDXCentral
06/01
8 AppSec Metrics You Should Be Monitoring - Security Boulevard
A Deeper Dive Into the Value of Centralized Logging - Security Boulevard
Alas! World’s biggest search engine was possessed with so many security issues - The Digital Hacker
Apple iOS bug makes your iPhones vulnerable to ransomware attacks - BGR In
Beware new breed of scammers offering classes in how to defraud people - Metro
Be aware of parking meter scams prevailing in Texas - The Digital Hacker
Building a Security Culture in Your Organization: How to Do It Successfully? - University Magazine
Bridging the “front and back of the house”: A lesson in risk management - Help Net Security
BYOD Finally Goes Mainstream - Security Boulevard
Credential Stuffers Compromised 1.1 Million Accounts - InfoSecurity Magazine
Crypto Firm Pulls the Rug from Under Investors with $10m Scam - InfoSecurity Magazine
Cyber attack on UK Defence Academy causes “significant” damage - IT Governance
Cyber police prevents theft of over $720,000 from account of medical company - Interfax Ukraine
Cyberattack insurance: companies expect spike in interest following Impresa hack - Portugal Resident
Data security is a mainstay in the hospitality industry - TechHQ
Deposits to illicit crypto addresses nearly doubled in 2021, Chainalysis finds - CyberScoop
Experts uncover Elephant Beetle, an organized financial-theft operation - Help Net Security
FBI warns about ongoing Google Voice authentication scams - Bleeping Computer
Five tips on how to stay (cyber)secure in a hybrid work world - Help Net Security
France hits Facebook and Google with $210 million in fines - Bleeping Computer
France hits Google, Facebook with fines over ‘Cookies’ management - Security Affairs
Gardaí pursuing 'definite lines of inquiry' after a spate of phishing and smishing fraud - Irish Examiner
Google Buys Siemplify to Bolster Security Analytics Tools - Data Breach Today
Google Chrome rival Brave reports another big jump in users - ZDNet
Google Docs comment feature abused in phishing campaign - Security Affairs
Google Docs commenting feature exploited for spear-phishing - Bleeping Computer
Hackers exploit Google Docs in new phishing campaign - TechRepublic
How to Download, Install & Use CyberGhost VPN on Router? - TechNadu
Hundreds of real estate websites using cloud video hosting providers, victimized by online skimming attacks - The Digital Hacker
Indonesia: Health Ministry probes alleged leak of six million patients' data - Antara News
Insecure Amazon S3 bucket exposed personal data on 500,000 Ghanaian graduates - The Daily Swig
Kronos outage latest: Attackers took down connection to backups; Log4j not involved - The Stack
LastPass states that passwords weren’t compromised after fear of a security breach - The Digital Hacker
Log4j flaw hunt shows how complicated the software supply chain really is - ZDNet
Man Pleads Guilty to $50m Investment Fraud Scheme - InfoSecurity Magazine
Managing cyber security in the third wave: Governance, regulatory adherence key for the insurance sector - Express Computer
New Trick Could Let Malware Fake iPhone Shutdown to Spy on Users Secretly - The Hacker News
New York Attorney General flags 1.1 million online accounts compromised by credential stuffing attacks - The Daily Swig
NIST Cybersecurity Framework: A Quick Guide for SaaS Security Compliance - The Hacker News
NoReboot persistence technique fakes iPhone shutdown - Security Affairs
North Korean Hackers Greet Russian Diplomats with Malware - CISO Mag
North Korean Hackers Start New Year with Attacks on Russian Foreign Ministry - The Hacker News
Personal details of OG department store customers leaked in data breach - The Straits Times
Posts promoting Amazon cryptocurrency are a scam - RTL Today
Ransomware attacks will be more targeted in 2022: Trend Micro - IT World Canada
Report: $2.2 billion in cryptocurrency stolen from DeFi platforms in 2021 - ZDNet
Rhode Island Public Transit Authority (RIPTA) data breach raises questions about who else has access to data - The Provider Journal
Samoa Met Service website may have suffered cyber attack - RNZ
SEGA’s Saga of Nearly Compromised Credentials - Security Boulevard
Skimmer fisgou milionários em imobiliária de luxo - CISO Advisor
SOCs: Marrying the business and security - ITWeb
Swiss army bans all chat apps but locally-developed Threema - Bleeping Computer
The Log4j debacle showed again that public disclosure of 0-days only helps attackers - Help Net Security
There Are Over 1,200 Online Phishing Toolkits According to This Study - Digital Information World
This sneaky hacking group targets old Java applications to break into networks - ZDNet
UK Police Seize £322m of Cryptocurrency in Past Five Years - InfoSecurity Magazine
Union bank of India launches cyber security awareness kit and automatic VAPT lab - Express Computer
US online pharmacy Ravkoo links data breach to AWS portal incident - Bleeping Computer
VMware fixed CVE-2021-22045 heap-overflow in Workstation, Fusion and ESXi - Security Affairs
Your cybersecurity training needs improvement because hacking attacks are only getting worse - ZDNet
Where Are You in Your Zero Trust Journey? - Data Breach Today
05/01
5 ways hackers steal passwords (and how to stop them) - We Live Security by eSet
9-year-old Windows flaw abused to drop ZLoader malware in 111 countries - HackRead
Abu Dhabi forms Cyber Eye to protect its digital assets against cyber threats - ITP Net
API security: Understanding the next top attack vector - Help Net Security
Biggest Hacks and Leaks in the Crypto Industry - Captain Coin
BTC-Alpha Is Back On Coinmarketcap After a Ransomware Attack - PRLeap
Cloud video platform abused in web skimmer attack against real estate sites - HackRead
Cybersecurity Trends for 2022 - InfoSecurity Magazine
Despite Mitigation Efforts, Cyber Attacks and Rate Hikes to Continue in 2022 - Insurance Journal
Don’t fall for phishing scams, follow these tips - Tech Native
East Bay Dasher loses earnings, gets kicked off DoorDash after hackers take over his account - 7News
‘Elephant Beetle’ spends months in victim networks to divert transactions - Bleeping Computer
Fighting fraud in the supply chain with blockchain - Information Age
Going Back to Basics to Fix Our Broken Approach to Cybersecurity - Computer Crime Research
How ransomware is destabilising cyber insurance – and what to do about it - Intelligent CIO
How to make strong passwords and protect them: A simple guide - Cool Mom Tech
Indians among 2,170 hacked via Microsoft signature verification - Ummid
Info-Stealing Malware Hits 100+ Countries - InfoSecurity Magazine
Internet restored after cyber attack against Rowan-Salisbury Schools - Salisbury Post
iOS malware can fake iPhone shut downs to snoop on camera, microphone - Bleeping Computer
Jio warns users of a cyber fraud through which hackers get access to Aadhaar, bank details - Medianama
Malsmoke hackers abuse Microsoft signature verification in ZLoader cyberattacks - ZDNet
Microsoft code-sign check bypassed to drop Zloader malware - Bleeping Computer
Millions of mixtape fans could be at risk of being hacked - TechRadar Pro
Morgan Stanley agrees to $60 million settlement in data breach lawsuit - ZDnet
New York Attorney General alerts 17 companies to 'credential stuffing' cyberattacks impacting more than 1.1 million consumers - Niagra Frontier Publications
New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification - The Hacker News
Purple Fox rootkit discovered in malicious Telegram installers - ZDNet
Researchers Uncover Hacker Group Behind Organized Financial-Theft Operation - The Hacker News
SMBs should consider new approaches for increasing their cybersecurity posture - Help Net Security
Sophos discovers AvosLocker, a new ransomware that uses AnyDesk in Safe Mode to launch attacks - New Straits Times
The sophistication of underground eCrime laid bare - TechRadar Pro
Urgent Instagram warning for BILLIONS of users that could see accounts locked - The Sun
U.S. ransomware attack spells pay woes for London hospital cleaners - The London Free Press
What to Do in the Aftermath of a Data Breach - PC Magazine
Why Business Leaders Need to Keep a Close Eye on GDPR and UK Data Protection Laws - Tech Native
04/01
5 Actionable Tips to Stay Protected from Frauds and Scammers on the Internet by Emir Ceric - Net News Ledger
6 Common Security Vulnerabilities in enterprise databases that should be on your radar - TechGenyz
Attackers abused cloud video platform to inject an e-skimmer into 100 Real Estate sites - Security Affairs
Avoid being held captive by ransomware with secure, reliable backups - GCN
Billing Error Causes PHI Breach at Illinois Health System - Health IT Security
Broward Health suffered a data breach that impacted +1.3 million people - Security Affairs
Care New England has to manually pay workers after cyber attack - ABC6
Clinic Notifies 212,500 About 2020 Breach Involving Fraud - GovInfo Security
Credential Stuffing and Account Takeover Attacks Continue to Rise - PerimeterX
Cyber attack ‘caused a mess’ with Crawford County computer systems - TB&P
Cyberattack against UK Ministry of Defence training academy revealed - ZDNet
Cybercrimes Can Only Be Reduced With A Better Investigation System In Place - YKA
Cybercriminals Can Breach 93% Of Company Networks and Trigger Unacceptable Events in Under a Month, Study Finds - CPO Magazine
Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites - ThreatPost
Defence Academy suffered ‘significant’ cyber attack - UK Authority
Feds Step Up Cybersecurity Support for State Governments - NextGov
Florida's Broward Health Hit by Data Breach of 1.3M Patients' Records - PYMNTS
FTC to pursue companies that expose customer data due to not patching Log4j - ZDNet
Going Back to Basics to Fix Our Broken Approach to Cybersecurity - CPO Magazine
Hackers breached Florida health care system, potentially exposing data on 1.3 million people - KeyT (FOX News Channel)
Hackers hit Broward Health network, potentially exposing data on 1.3M patients, staff - Fierce Healthcare
Hackers target Portugal’s Impresa group, taking major sites down - Portugal Resident
Hackers use video player to steal credit cards from over 100 sites - Bleeping Computer
Have I Been Pwned warns of DatPiff data breach impacting millions - Bleeping Computer
Healthcare cloud infrastructure market size to reach $142 billion by 2028 - Help Net Security
Hospitality Chain McMenamins discloses data breach after ransomware attack - Security Affairs
Human error can result in Mac security breaches - Apple Magazine
Illinois Insurer Insolvency Office Hit by $6.8 Million Cyber Attack - Insurance Journal
Keeping your guard up: Python-based ransomware attacks - IT Pro Portal
LastPass issues statement on credential attack - SC Media
Log4j flaw attack levels remain high, Microsoft warns - ZDNet
Malicious Telegram installers are distributing malware - TechRadar Pro
McMenamins Data Breach Affects 12 Years of Employee Info - ThreatPost
Microsoft Fixes New Year's Day Exchange Server Bug - InfoSecurity Magazine
Mobile Application Security: 2021's Breaches - Dark Reading
Money Launderers Get 33 Years for £70m Criminal Scheme - InfoSecurity Magazine
Montreal tourism agency confirms cyber attack - IT World Canada
Morgan Stanley agrees $60 million settlement in data breach lawsuit - ITPro
NFT hack sees collector lose $2.2 million of ‘Bored Ape’ pictures - Independent
North Wales Police Cyber Crime Team warning about fake Currys email - Deeside
Over 20 years of employee data leaked during McMenamins ransomware attack - ZDNet
Patient Info Exposed After Data Breach at South Florida Hospital System - Insurance Journal
Preventing document fraud in a world built on digital trust - Help Net Security
Protecting the Most Crucial Software Supply Chain Targets - InfoSecurity Magazine
Purple Fox backdoor spreads through fake Telegram App installer - Security Affairs
Ransomware – The data recovery challenge - CRN India
Ransomware Attacks Spur Biden Administration to Take Aggressive Approach to Cybersecurity - Executive Gov
Researchers Detail New HomeKit 'doorLock' Bug Affecting Apple iOS - The Hacker News
‘Ruthless’ Vice Society claims responsibility for Spar ransomware attack - Tech Monitor
SAILFISH System to Find State-Inconsistency Bugs in Smart Contracts - The Hacker News
SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More - ThreatPOst
Serious Vulnerability Allows Phishing Emails to Be Sent From Uber.com Domain - Latest Hacking News
Should businesses be concerned about APT-style attacks? - Help Net Security
The Biggest CyberSecurity Threats to be Aware of in 2022! - The TechNews
The Year of the Defender – 2022 Predictions for OT/IoT Security - Nozomi Networks
UK Defence Academy Attack Forced IT Rebuild – Report - InfoSecurity Magazine
UK's Defence Academy suffered damaging cyber attack last year - Computing UK
Urgent warning to check Gmail and Hotmail for ANY email from Uber right now - The Sun
UScellular discloses data breach after billing system hack - Bleeping Computer
Ways to protect your online privacy, payments, and data - Wire 19
What Is Social Engineering? Human Hacking in 2022 - Cloudwards
03/01
6 Ways to Delete Yourself From the Internet - Wired
A CISO’s guide to discussing cybersecurity with the board - Help Net Security
According to a survey, 60% of information security specialists in the United States feel ransomware is as dangerous as terrorism - Best Gaming Pro
Accounting Firm Faces Lawsuit Over Healthcare Data Breach - Health IT Security
Apple iOS vulnerable to HomeKit 'doorLock' denial of service bug - Bleeping Computer
Are Medical Devices at Risk of Ransomware Attacks? - The Hacker News
Beware of Fake Telegram Messenger App Hacking PCs with Purple Fox Malware - The Hacker News
Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022 - We Live Security by eSet
Broward Health discloses data breach affecting 1.3 million people - Bleeping Computer
Data breach: Broward Health warns 1.3 million patients, staff of 'medical identity theft' - ZDNet
Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations - The Hacker News
Don't copy-paste commands from webpages — you can get hacked - Bleeping Computer
Here's what to do if data belonging to a deceased loved one was stolen in the N.L. cyberattack - CBC
How Access Monitoring Protects Providers From Health Data Breaches - Health IT Security
How to Solve Your Organization’s Password Woes - InfoSecurity Magazine
How to use WHOIS to analyse scams - Pickr
Japan: Ministry to issue guidelines against ransomware attacks on hospitals - The Japan News
Jerusalem Post and Maariv hacked on Gen. Soleimani’s death anniversary - HackRead
Microsoft rolled out emergency fix for Y2k22 bug in Exchange servers - Security Affairs
Portugal's Impresa media outlets hit by hackers - Thomson Reuters
Ransomware attacks decrease, operators started rebranding - Help Net Security
Ransomware attacks reportedly hit two out of every three Spanish companies in 2021 - Euro Weekly News
The worst cyber attacks of 2021 - Security Affairs
These will be the worst cybersecurity threats in 2022 - Paris Beacon News
This New Year, why not resolve to ditch your dodgy old passwords? - Davids Course
Uber lets you send anyone an email claiming to be from Uber.com - TechRadar Pro
Why the UK’s energy sector is fragile and ripe to cyber attacks - Help Net Security
02/01
Cybercriminals adopting different strategies during pandemic, warn cyber experts - The Hindustan Times
Exclusive: NASA Director Twitter account hacked by Powerful Greek Army - Security Affairs
Hackers accidentally hacked the police, and then they themselves gave the decryption key - The Times Hub
How to Protect Your Devices From Getting Hacked - Albawaba
Malicious Domains are a serious cyber security threat for businesses - Digital Information World
Microsoft Issues Fix for Exchange Y2K22 Bug That Crippled Email Delivery Service - The Hacker News
Uber ignores vulnerability that lets you send any email from Uber.com - Bleeping Computer