NEWS: Janeiro (09/01 - 15/01) - 02 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

15/01


9 Times Hackers Targeted Cyberattacks on Industrial Facilities


Aditya Birla Fashion (ABFRL) Data Allegedly Leaked Online, Over 5 Million Email Addresses Breached


Brunei Postal Dept warns of phishing scams via WhatsApp


City of Tenino loses $280,309 to phishing email scam, state Auditor’s Office says


Considering a Move to Zero Trust Security? Keep these Identity Security Practices and Resources in Mind


Don’t download this COVID app! It’s spreading malware


Five cybersecurity myths that are compromising your data


‘Golden era’ for cyber attacks as criminals take advantage of pandemic


Hackers disrupt payroll for thousands of employers — including hospitals


Hackers Use Legitimate Adobe Emails to Harvest Credentials


Largest dark web market for stolen cards UniCC calls it quits


Linux malware sees 35% growth during 2021


macOS, Windows, Linux all targeted by new cross-platform exploit


NYC schools crippled by week-long data service systems outage


North Korean Hackers Carefully Stole $400 Million in Crypto Last Year


Qlocker ransomware returns to target QNAP NAS devices worldwide


Russia charges 8 suspected REvil ransomware gang members


SRT email service outage continues


The huge sums of money that explain why there are so many SMS and email phishing scams in Spain


U.S., France discuss measures to support Ukraine after cyberattack on govt websites – U.S. Department of State


14/01


3rd-party flaws allowed a teen hacker to track location of Tesla cars


2022 Cybersecurity Guide: The Security Gift For Your Loved Ones


A 'massive' hacking attack has hit government websites in Ukraine


Accellion to pay $8.1M in proposed data breach settlement


AWS Patches Glue Bug That Put Customer Data at Risk


Auto parts maker Denso targeted in ransomware cyberattack


Buckeye Broadband email accounts down due to ransomware attack


Clinic Breach Affecting 200,000 Tied to Vendor's 2020 Attack


Computer hackers apparently target City of North Port


Dark web carding platform UniCC shuts up shop after making millions


Data breach: Sheffield Council reprimanded after 8.6 million vehicle number plates were shared on the internet


Defense contractor Hensoldt confirms Lorenz ransomware attack


EHR vendor QRS sued over breach to patient portal server


Email Service Mail2World Reported Down


Flaw Found in Biometric ID Devices


Four Ways Retailers Can Prevent and Protect Customers from a Cyber Security Attack


Goodwill discloses data breach on its ShopGoodwill platform


Hacker group REvil arrested, dismantled at US request: Russian intelligence agency


Hacking Is the New Car Jacking: How To Secure Vehicle Data


How to protect yourself against Sim-swapping scams with mobile phone fraud on the rise


Husband and wife among ransomware operators arrested in Ukraine


In Government, Access Control Means Cybersecurity


Insider Threats are a Quiet Risk in your System


Lasting Effects of Kronos Cyberattack Ripple Through Healthcare


Magniber Ransomware is becoming a nightmare for Edge users


Maryland lawmaker: Officials misled on ransomware attack


‘Massive’ Cyberattack on Ukraine Cripples Gov’t Websites


Mitigating Insider Security Threats with Zero Trust


NatWest ‘new device registered’ scam texts: what to look out for


North Korea hackers stole US$400mln of crypto last year, report


North Korean Hackers Stole $400m in Cryptocurrency Last Year


OCBC Singapore scam victims, many who lost life savings, slam bank for underwhelming response


Oscar Health Plan of California Notice of Data Breach


Questions linger after MDH ransomware attack


Ransomware attack at Durham Johnston School


Ransomware sets its sights on IOT/OT


Researchers develop CAPTCHA solver to aid dark web research


Russia arrests REvil ransomware gang members at request of US officials


Russian authorities take down REvil ransomware gang


SSU Assures Of No Personal Data Breach Due To Cyberattack On Public Authorities


SnatchCrypto campaign plants backdoors in crypto startups, DeFi, blockchain networks


State police warn of new 'phishing' scam that involves parking meters


Tech Giants to Team-Up on Open Source Security After White House Meet


The future of security protocols for remote work


The race towards renewable energy is creating new cybersecurity risks


Three Plugins with Same Bug Put 84K WordPress Sites at Risk


Transport for NSW finds more customers, employees impacted by Accellion breach


Ukrainian Cops Bust Suspected $1m Cybercrime Ring


Watch out, that Microsoft Edge update is actually ransomware


What is ransomware and how does it work?


White House confirms person behind Colonial Pipeline ransomware attack nabbed during Russian REvil raid


Why Third Parties are the Source of So Many Hacks



13/01


Adobe Cloud Abused to Steal Office 365, Gmail Credentials


All 2BILLION WhatsApp users warned of simple mistake that can get your account hacked


AWS fixes security flaws that exposed AWS customer data


BlueNoroff hackers steal crypto using fake MetaMask extension


Carding site UniCC retires after generating $358 million in sales


Consumer IAM market to reach $17.6 billion by 2026


Cops warn of increasing number of bank scams as fraudsters target residents in Spain’s Palma


Councillors refuse public release of IT audit of Hackney Psya ransomware attack


Cybersecurity Trends for 2022


DDoS Attacks Broke All Records in 2021


Delivering vulnerable signed kernel drivers remains popular among attackers


Fake Telegram App Distributes Purple Fox Malware


FBI Issues Warning on FIN7 USB Stick Exploit


FCC Proposes Stricter Data Breach Reporting Requirements


Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry


GootLoader Hackers Targeting Employees of Law and Accounting Firms


Hot wallet hack: Hackers steal $18.7m from Animoca’s Lympo NTF platform


Hotel chain switches to Chrome OS after Windows ransomware attack


How threat intelligence can help the financial industry prepare for cyber threats


How to ensure a Zero-Trust approach for remote workers


IBM predicting what 2022 holds for cybersecurity


Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor


Lazarus, Cobalt, and FIN7 have all been identified as major hacker organisations targeting the financial sector


Maryland Department of Health Systems Down 1 Month After Ransomware Attack


Massachusetts State Police warn of parking scam that uses QR codes to steal bank account, credit card information


Microsoft Defender weakness lets hackers bypass malware detection


Most Users Are Unaware That Their Passwords Are Compromised, New Study Shows


New GootLoader Campaign Targets Accounting, Law Firms


New "Undetected" Backdoor Runs Across Three OS Platforms


New Zealand: 5 cyber threats to look out for this year


NSO spyware found targeting journalists and NGOs in El Salvador


Norton's cynical crypto ploy: A dark harbinger of crapware to come?


OCBC phishing scam underscores trade-off between convenience and security, with bank customers at risk: Experts


Putting Skin in the Cyber Insurance Game


Ransomware attack impacts Buckeye Broadband email service vendor


Ransomware attack on New Mexico jail put prisoners in lockdown


Ransomware attack on vendor shuts down Buckeye email services


Ransomware locks down prison, knocks systems offline


Report Identifies Weaknesses in Online Banking Security


Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys


Singapore: 1,200 phishing scams since December; some culprits impersonate officials and use stolen data to set up e-wallet


The Human Resources Impact Of The Kronos Ransomware Attack


The public sector is more concerned about external than internal threats


The rising threat of cyber criminals targeting cloud infrastructure in 2022


The Rhode Island Public Transit Authority (RIPTA) Data Breach May Provide Valuable Lessons About Data Collection and Retention


UK jails man for spying on kids, adults with Remote Access Trojans


Ukrainian cops nab husband and wife suspected to be part of $1m ransomware operation


US Cyber Command links MuddyWater to Iranian intelligence


US: MuddyWater is Iranian State-Backed Group


What is ‘sextortion’ and why are cases on the rise?


What makes edge computing successful?


When it comes to banking security, there’s no silver bullet


When open-source developers go bad


Why You Need Pentesting-as-a-Service (PtaaS)



12/01


2022 promises to be a challenging year for cybersecurity professionals


A new multi-platform backdoor is leveraged by an advanced threat actor


Adobe fixes 4 critical Reader bugs that were demonstrated at Tianfu Cup


Attackers More Successful at Delivering Malware Payloads


Audit Your Active Directory with a free, read-only scan from Specops


Check your SPF records: Wide IP ranges undo email security and make for tasty phishes


CISA Adds 15 New Flaws to its Actively Exploited Vulnerabilities Catalog


Cisco Talos discovers a new malware campaign using the public cloud to hide its tracks


EA: 50 high-profile FIFA 22 accounts taken over by phishing actors


European Union to Launch Supply Chain Attack Simulation


Europol Ordered to Delete Vast Trove of Personal Information


FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure


Firefox 96 update focuses on noise improvements, main thread efficiency


Hackers take over diplomat's email, target Russian deputy minister


Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware


How safe are cloud applications?


How to Make API Security an Integral Part of Your Application Security Strategy


Interview: Open Banking Opens Customer Data to Third Parties


Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor


Log4j: How hackers are using the flaw to deliver this new 'modular' backdoor


Magniber ransomware using signed APPX files to infect systems


Maryland Department Of Health Confirms Ransomware Attack Caused Disruption In COVID-19 Data Last Month


Microsoft Starts 2022 with 97 CVEs in January Patch Tuesday


New RedLine malware version distributed as fake Omicron stat counter


New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users


New Windows KB5009543, KB5009566 updates break L2TP VPN connections


OceanLotus hackers turn to web archive files to deploy backdoors


Oxeye Tool Can Counter Log4j Obfuscation Attacks


Remote Access Trojans spread through Microsoft Azure, AWS cloud service abuse


Researchers Uncover NetUSB RCE Flaw Affecting Millions of Routers


SMEs still an easy target for cybercriminals


South African justice department clueless about hacked data


TellYouThePass ransomware returns as a cross-platform Golang threat


This new malware wants to create backdoors and targets Windows, Linux and macOS


Two Years for Man Who Used RATs to Spy on Women and Children


UK Launches Initiative to Develop Global AI Standards


US government urges organizations to prepare for Russian-sponsored cyber threats


XDR: Redefining the game for MSSPs serving SMBs and SMEs


Zero-Trust for Health Care in the Age of Ransomware


Who is the Network Access Broker ‘Wazawaka?’


Why 2022 Should be a Year of Cybersecurity Optimism


WI: Neenah schools investigating apparent cyber attack; classes canceled Wednesday



11/01


9 ways that cybersecurity may change in 2022


2021 was a terrible year for cybersecurity. Without action, 2022 could be even worse


2022 Cybersecurity Predictions from Lookout: Work From Anywhere Ends On-Premises Security


A Missouri Reporter Is (Still) Getting Blamed For the Security Flaw He Exposed


A psicologia reversa do MITRE ATT&CK – Parte 1


AvosLocker ransomware now targets Linux systems, including ESXi servers


BADNEWS for Hackers! Patchwork Group Expose Themselves in Malware Campaign


Banks Still Struggling to Spot the Signs of Human Trafficking


Brasil tem 77% mais ataques em 2021 do que em 2020


CISA adds 15 exploited vulnerabilities from Google, IBM, Microsoft, Oracle and more to catalog


Connecticut company that hosts school websites recovering from ransomware attack


DDoS attacks that come combined with extortion demands are on the rise


Corporate Cyber-Attacks Spike 50% in 2021


Critical SonicWall NAC Vulnerability Stems from Apache Mods


Cybersecurity in 2022: Addressing Insider Threats


Cybersecurity: Last year was a record year for attacks, and Log4J made it worse


Data security in the age of insider threats: A primer


EU data watchdog to Europol: You've helped yourself to too much data


FIN7 Mailing Malicious USB Sticks to Drop Ransomware


Focus On Protecting Critical Infrastructure and Supply Chains


Four million outdated Log4j downloads were served from Apache Maven Central alone despite vuln publicity blitz


‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS


Google Drive accounted for the most malware downloads from cloud storage sites in 2021


How the pandemic fueled enterprise digital transformation


How to Prevent Steganography Attacks


Incident Management: Benefits, KPIs and Best Practices


Indian APT exposes its Modus Operandi by infecting their own devices


JumpCloud Makes Built In Colorado’s 2022 Best Places to Work List


KCodes NetUSB bug exposes millions of routers to RCE attacks


KCodes NetUSB kernel remote code execution flaw impacts millions of devices


Major Indian fashion retailer hacked and data leaked


Many users don’t know how to protect their broadband Wi-Fi routers


Microsoft January 2022 Patch Tuesday fixes 6 zero-days, 97 flaws


Microsoft January 2022 Patch Tuesday: Six zero-days, over 90 vulnerabilities fixed


Millions of Routers Exposed to RCE by USB Kernel Bug


Missouri school district’s employee data dumped by ransomware group


New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors


New RedLine malware version spread as fake Omicron stat counter


New SysJocker backdoor targets Windows, macOS, and Linux


Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers


Night Sky ransomware uses Log4j bug to hack VMware Horizon servers


Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft


Romance Scammers Stole £92m From Victims Last Year


Secure boot for UK electric car chargers isn't mandatory until 2023 – but why the delay?


‘Shame on You, Moxie Marlinspike’—Fake Cash Scheme Pollutes Signal Nonprofit


Signal CEO Resigns, WhatsApp Co-Founder Takes Over as Interim CEO


Small businesses are most vulnerable to growing cybersecurity threats


Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns


The Final Count: Vulnerabilities Up Almost 10% in 2021


This engineer broke enterprise applications for not donating for his open-source project


This is the Year to Create a Cybersecurity Culture


Tracking Adversaries in AWS using Anomaly Detection, Part 1


Tracking Adversaries in AWS using Anomaly Detection, Part 2


US govt warns of Russian hackers targeting critical infrastructure


What to Include in a Cybersecurity Disaster Recovery Plan


World Economic Forum: Cybersecurity an Increasing Global Threat


WordPress 5.8.3 Security Release fixes four vulnerabilities



10/01


6 cloud security trends to watch for in 2022


Abcbot and Xanthe botnets have the same origin, experts discovered


Abcbot Botnet Linked to Operators of Xanthe Cryptomining malware


Abcbot botnet is linked to Xanthe cryptojacking group


Ataque hacker no Ministério da Saúde completa um mês e pasta ainda convive com ‘apagão’ de dados


Ataque hacker: sistema de dados voltou ao ar, diz Ministério da Saúde


Attackers aren’t finished using Log4Shell, says Microsoft and FTC


California town announces data breach involving police department, loan provider


CISA director: 'We have not seen significant intrusions' from Log4j -- yet


Connecticut Nerds Report CSAM


Cyber-Thieves Raid Grass Valley


Detect and identify IoT malware by analyzing electromagnetic signals


Eight resolutions to help navigate the new hybrid office model


Europol ordered to erase data on those not linked to crime


Finalsite: All School Sites Now Restored After Ransomware Attack


FlexBooker Reveals Major Customer Data Breach


Forensics Expert Kept Murder Snaps on PC


How to lock down your Microsoft account and keep it safe from outside attackers


Indian-linked Patchwork APT infected its own system revealing its ops


Indian Patchwork hacking group infects itself with remote access Trojan


Linux Mint 20.3 released promising security updates until 2025


Malware Hide-in-SSD Firmware gets a makeover found


Microsoft: powerdir bug gives access to protected macOS user data


New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4)


New ZLoader malware campaign hit more than 2000 victims across 111 countries


npm Libraries ‘colors’ and ‘faker’ Sabotaged in Protest by their Maintainer—What to do Now?


On-premises cloud: The worst of both worlds?


Oops: Cyberspies infect themselves with their own malware


Over Half of SMEs Have Experienced a Cybersecurity Breach


Ransomware warning: Cyber criminals are mailing out USB drives that install malware


Researchers Find Bugs in Over A Dozen Widely Used URL Parser Libraries


Securing Onboarding and Offboarding in the Cloud


Several EA Sports FIFA 22 players have been hacked


Sonrai Security Enters 2022 with Exponential Revenue Growth and Strong Customer Acquisition and Retention


The Number 1 Enemy of XDR and SIEM: Dwell Time


Um mês após ataque hacker, Ministério da Saúde diz que integração entre sistema de dados foi restabelecida na sexta


Unified communications market size to reach $344.84 billion by 2028


US Issues Warning Over Commercial Spyware


What to expect in 2022 privacy wise?


WordPress 5.8.3 security update fixes SQL injection, XSS flaws



09/01


BADNEWS! Patchwork APT Hackers Score Own Goal in Recent Malware Attacks


Beware! Flubot Android Malware is Back


Cyber Defense Magazine – January 2022 has arrived. Enjoy it!


Cybersecurity crucial for ongoing digitisation of banking industry: researchers


Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps


FBI warning: FIN7 gang sends USB sticks containing ransomware


Google docs malware warning as cybercriminals send bogus links to users in spear-phishing scam


Medical Review Institute of America Notifies Patients of Data Breach


QNAP issues ransomware warning to users: secure your devices or disconnect unprotected NAS


Ransomware attack shuts school websites


Rhode Island Public Transit Authority (RIPTA) data breach linked to file wrongly stored on employee's hard drive, unions told


Scheduling platform Flexbooker hacked, 3.7 mn users’ data stolen


Thieves steal NFTs collection valued at $2.2 million


Warning: “Lots of reports about scam NHS Covid Pass text message” says North Wales Police Cyber Crime Team



NEWS: Janeiro (02/01 - 08/01) - 01 Semana de 2022

Who am I...

Apenas um amante da tecnologia e da Segurança da Informação. Hacker ? Até que prove ao contrário não.. Profissional ? Sim.. Mais de 20 anos no mercado de Segurança da Informação sempre atuando em grandes Empresas.

 

Levantando a bandeira de que hacker é um profissional e especialista naquilo que ele faz. Hacker é um especialista, um pesquisador, um profissional como outro qualquer.

Skatista, músico e fotógrafo de instagram nas horas vagas....

Procurar por Tags