NEWS: Janeiro (16/01 - 22/01) - 03 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

22/01

Adapt to a culture of cyber security

Are embedded devices the next ransomware target?

Brazil: Central Bank reports data leak of 160,100 Pix keys

CISA adds 17 vulnerabilities to list of bugs exploited in attacks

COVID-19 data leaked online, government denies data breach from Cowin portal

Crypto Hackers Using This to Trap Victims

Crypto.com CEO responds to complaints of login issues after $31 million hack

Data breaches continue to pile up in Brazil

Don’t scan that QR code! Hackers are using them to steal your info and money

Dutch cybersecurity agency warns of lingering Log4j risks

Experts Find Strategic Similarities b/w NotPetya and WhisperGate Attacks on Ukraine

Jefferson Health data breach affects 9,000 patients

Make Data Protection Compliance Part of Your Business Strategy

Microsoft warns of large 'Upgrade' phishing campaign

Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure

One third of ‘phishing’ websites usually disappear within 24 hours

OpenSubtitles Hacked - Data Breach Affected 7 Million Subscribers

Sacramento County phishing scam data breach exposed health and personal information

School District reports a 334% hike in cybersecurity insurance costs

‘SIM Swapping’ Explained | What’s SIM Swapping and Why Is It So Dangerous?

Simple malware is draining millions in crypto from retailers: Report

Someone Appears to Have Hacked the USDA’s Website to Share Pirated Movies

What is a cyber incident and how to prevent our computers and mobile phones from being attacked?

Why this threat intelligence expert believes cyberattacks aren’t Ukraine’s biggest concern

21/01

Amazon fake crypto token investment scam steals Bitcoin from victims

Biden Signs Authority for NSS to NSA: Think CISA for Military, Intel Systems

Chinese APT deploys MoonBounce implant in UEFI firmware

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

Conti ransomware gang started leaking files stolen from Bank Indonesia

COVID19 Phishing Emails Surge 500% on Omicron Concerns

Cybersecurity industry trends from 2021 bound to shape this year’s threat landscape

Does Your Cyberinsurance Policy Cover Cyberwar?

Exposed records exceeded 40 billion in 2021

FBI warning: This new ransomware makes demands of up to $500,000

GA: Peachtree Orthopaedic Clinic reports breach to HHS

Google Drive starts warning users about suspicious files

Google Project Zero discloses details of two Zoom zero-day flaws

How do IT leaders plan to overcome remote work security challenges?

How to Build a Security Awareness Training Program

(ISC)2 Appoints its First CISO

Japan’s Supreme Court rules cryptojacking scripts are not malware

McAfee Agent bug lets hackers run code with Windows SYSTEM privileges

Memorial Health System Confirms Data Breach

Microsoft disables Excel 4.0 macros by default to block malware

MoonBounce UEFI implant spotted in a targeted APT41 attack

Nasty Linux kernel bug found and fixed

New Log4j 1.x CVEs, and critical Chainsaw Vulnerability — What to Do?

NYU Langone notified 1,123 patients of privacy issue due to mailing vendor error

Over 90 WordPress themes, plugins backdoored in supply chain attack

Pennsylvania Approves Ransomware Bill

Phishing impersonates shipping giant Maersk to push STRRAT malware

Should You File a Claim in a Data Breach Settlement?

SonicWall shares temp fix for firewalls stuck in reboot loop

The Governor Who Thinks Examining HTML Is Criminal Hacking Is Now Working To Make Missouri’s Public Records Laws Worse

The importance of securing machine-to-machine and human-to-machine interaction

The Rise of the 24/7 Security Scanning Access Point

Two-Fifths of Ransomware Victims Still Paying Up

U.S. Sanctions 4 Ukrainians for Working with Russia to Destabilize Ukraine

When it comes to API security, expect the whole world to be testing your mettle, says Twitter CISO

20/01

21 sites institucionais do governo da Bahia são alvos de ataques de hackers

Applications Open for Next NCSC for Startups Cohort

Ataque hacker contra Cruz Vermelha expõe dados de mais de 500 mil vulneráveis

Ataque hacker é novo capítulo da disputa entre Rússia e Ucrânia; entenda...

Ataque hacker simultâneo tira do ar mais de 30% dos sites institucionais do governo da Bahia

Ataque hacker some com pelo menos US$ 15 milhões em Ethereum da Crypto

Biden Signs Memo to Boost National Cybersecurity

Biden signs memo to boost US national security systems’ defenses

Cheap malware is behind a rise in attacks on cryptocurrency wallets

CISA warns - upgrade your cybersecurity now to defend against "potential critical threats"

Cisco bug gives remote attackers root privileges via debug mode

Cyber risks top worldwide business concerns in 2022

Eleven Arrested in Bust of Prolific Nigerian BEC Gang

Endpoint malware and ransomware detections hit all-time high

FBI links Diavol ransomware to the TrickBot cybercrime group

Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers

Indonesia's central bank confirms ransomware attack, Conti leaks data

Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang

Microsoft fixes Outlook search issues for Windows 10 users

More than half of medical devices found to have critical vulnerabilities

Multichain token hack losses reach $3 million: report

New MoonBounce UEFI malware used by APT41 in targeted attacks

New SolarWinds Serv-U vulnerability exploited in Log4j-related attacks

ProtonMail introduces a new email tracker blocking system

Red Cross: Supply Chain Data Breach Hit 500K People

'Serial' romance fraudster jailed for trying to scam 670 people in the UK

The evolution of security analytics

Third Firmware Bootkit Discovered

Treasury Department sanctions four Ukrainians allegedly involved in Russian influence attempts

Twitter Mentions More Effective Than CVSS at Reducing Exploitability

US sanctions former Ukrainian official for helping Russian cyberspies

When protecting and managing digital identities, orchestration and automation are critical

WordPress plugin flaw puts users of 20,000 sites at phishing risk

19/01

Albuquerque Schools Confirm Ransomware Attack, Resume Class

Another Hack Faced By Lympo, Lost 165.2 Million LMT Tokens Worth $18.7 Million

Box flaw allowed to bypass MFA and takeover accounts

Cloud Native Application Protection Platform (CNAPP): An Evolving Approach to Cloud Security

Cultivating a security-first mindset for software developers

Donot Team APT will strike gov't, military targets for years - until they succeed

FBI warning: Crooks are using fake QR codes to steal your passwords and money

FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks

Getting Ahead of Cybersecurity Challenges in 2022

Government to Regulate Crypto Advertising in New Crack Down

Interpol arrests 11 BEC gang members linked to 50,000 targets

Is cloud the solution to optimized data privacy?

Is White Rabbit ransomware linked to FIN8 financially motivated group?

Kings Plant Barn the latest retailer hit by click-and-collect data breach

Man Charged with Smuggling Tech Exports to Iran

Microsoft releases fix for patch that broke VPNs, Hyper-V virtual machines and more

Moncler confirms ransomware attack and data breach

Multi-Cloud Security in 2022

Office 365 phishing attack impersonates the US Department of Labor

OpenSubtitles discloses successful extortion attempt, data breach

Phishers go after business email credentials by impersonating U.S. DOL

Tenable Research Reveals Over 40 Billion Records Were Exposed in 2021

This new ransomware comes with a small but dangerous payload

Thousands of US Public Sector Ransomware Victims in 2021

Trends that will shape the security industry in 2022

Zoom vulnerabilities impact clients, MMR servers

WEF Report: Cyber Risks Pose Global Threats

What are the barriers to moving legacy data to the cloud?

18/01

A small number of Crypto.com users reported suspicious activity on their wallet

AI and ML implementation in cybersecurity programs pushes for a change in people’s mindset

Beijing 2022 Winter Olympics app bursting with privacy risks

Bosses think that security is taken care of: CISOs aren't so sure

Brazilian Ministry of Health recovers systems over a month after cyberattack

Ca: Cyberattack at Arnprior Regional Health; data stolen

Cybersecurity Outlook for 2022: Emerging Threats

Data theft at Desjardins: the ex-employee wanted “no media coverage”

Don't Use Public Wi-Fi Without DNS Filtering

Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors

European Regulators Hand Out €1.1bn in GDPR Fines

Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service

Europol shuts down VPN service used by ransomware groups

Fashion giant Moncler confirms data breach after ransomware attack

Governments struggle to deliver secure online citizen services

HHS Issues Trusted Health Data Exchange Governance Framework

Hospital guard nominated

How Buy Now, Pay Later is being targeted by fraudsters

How Brainjacking Became a New Cybersecurity Risk in Health Care

How tech is a weapon in modern domestic abuse -- and how to protect yourself

International police shut down 15 server infrastructures as part of VPNLab.net's takedown

Microsoft Issues Out-of-Band Update for Patch Tuesday Problems

Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Microsoft: This new browser feature is 'huge step forward' against zero-day threats

More Than Half of Organizations Face Gaps in Their Zero-Trust Implementations: Fortinet

Mt: IT firm C-Planet fined €65,000 over massive voter data breach

NCA: Kids as Young as Nine Have Launched DDoS Attacks

New White Rabbit ransomware linked to FIN8 hacking group

PCI SSC updates card security standards to secure the card production process

Platforms’ dangerous game

Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts

South Africa’s new traffic fine system exposed personal data

South Australian gov issues breach notice to hacked payroll provider

The security of devices held by public sector employees

This VPN service used by cyber criminals to deliver ransomware has just been taken down by police

UK government announces crackdown on cryptocurrency adverts

Zero-trust security market to reach $64.4B by 2027

17/01

2G's security weaknesses are still a problem, even for modern phones

Accellion Reaches $8.1m Data Breach Settlement

Aditya Birla Fashion and Retail Ltd faces data breach, company says investigation underway

Ataques hacker: o copia e cola do governo

BioPlus Specialty Pharmacy Faces Lawsuit Over Healthcare Data Breach

Bug in WebKit's IndexedDB implementation makes Safari 15 leak Google account info... and more

Chrome Limits Websites' Direct Access to Private Networks for Security Reasons

Clarins reports data breach; Singaporean customers may be affected

Crypto Burgers: hackers invadem jogo blockchain e roubam R$ 4,2 milhões em criptomoedas

Crypto.com confirms suspicious activity after users report stolen funds

Cyber espionage campaign targets renewable energy companies

Cybercrime: Rising Concern to Cyber World

Dark Web's Largest Marketplace for Stolen Credit Cards is Shutting Down

DHL dethrones Microsoft as most imitated brand in phishing attacks

DHL, Microsoft, WhatsApp top phishing list of most imitated brands

EHR Vendor Faces Legal Action Over Data Breach

Former Inspector General Pleads Guilty to Software Theft

'Hackers do bem': habilidades necessárias vão além do conhecimento técnico

Global cyber crime damages to exceed $10tn

Goodwill claims it was hit by data breach

Hackers attack Parasol and Brookson, leaving umbrella contractors unpaid

IT firm C-Planet fined €65,000 over massive voter data breach

It's not just you: Telegram is down for many users

Jackson Hospital fends off recent ransomware attack

Jazz and Telenor Denies Alleged Data Breach Circulating on Different Platforms

Linux malware is on the rise. Here are three top threats right now

Many users don’t know how to protect their broadband Wi-Fi routers

Microsoft Defender Exclusions List Can Be Read by Attackers in Windows 10

Microsoft Warns of Destructive Malware Campaign Targeting Ukraine

Mobile device management market to reach $20.4 billion by 2026

National Bureau of Investigation (NBI) ‘convinced’ no hacking in Comelec system

Nintendo warns of spoofed sites pushing fake Switch discounts

Norfolk medical secretary gets hoax email 150,000 times

Nova Scotia Seeks to Improve Cyber-Bullying Law

NYC school platform outage complicating COVID-19 tracing efforts

Ransomware: Why only the bravest businesses will survive

Safari bug leaks your Google account info, browsing history

SecOps teams are understaffed and overworked

SIM card swap scams on rise in Tamil Nadu, police unearth modus operandi

The CISO’s guide to evaluating third-party security platforms

The eight key benefits that MFA can deliver your organisation

The State of Credential Stuffing Attacks

Two Years for Romance Fraudster Who Targeted 670 Women

Ukraine: Wiper malware masquerading as ransomware hits government organizations

Zoho patches new critical authentication bypass in Desktop Central

Why is intergenerational collaboration critical in advancing zero trust security progress?

16/01

A New Destructive Malware Targeting Ukrainian Government and Business Entities

ABFRL faces data breach, over 5.4 million emails allegedly released online

Crawford County grappling with ransomware attack aftermath

Cyber Threats and How Good Cyber Security Practices Keep Online Gambling Safe

Don’t be prey to Microsoft edge update. It’s nothing, just a Ransomware attack

Email outage affects Shenandoah County businesses

eNom data center migration mistakenly knocks sites offline

Four steps to enhance ransomware protection for the firm

Hacker de 19 anos acessa o sistema de 25 carros da Tesla no mundo e culpa os proprietários

High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites

Labour’s data breach means local parties not receiving their owed funds

'Lock it down and piss people off': How quick thinking stopped a ransomware attack from crippling a Florida hospital

Microsoft Discloses Malware Attack on Ukraine Gov’t Networks

Microsoft says it observed destructive malware in systems belonging to several Ukraine govt agencies

New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking

North Korean Cybercriminals Stole Nearly $400 Million Worth of Digital Assets in 2021

The importance of sandboxing for SMBs

Ukraine blames Russia for cyberattack against government websites

Ukraine says Russia behind cyberattack in ‘hybrid war’ move

‘We have to show strength’: Calls grow for U.S. to deter Russian hackers

NEWS: Janeiro (09/01 - 15/01) - 02 Semana de 2022