NEWS: Janeiro (16/01 - 22/01) - 03 Semana de 2022
Cyber Security and Information Security News - Daily Updates !!

22/01
Adapt to a culture of cyber security
Are embedded devices the next ransomware target?
Brazil: Central Bank reports data leak of 160,100 Pix keys
CISA adds 17 vulnerabilities to list of bugs exploited in attacks
COVID-19 data leaked online, government denies data breach from Cowin portal
Crypto Hackers Using This to Trap Victims
Crypto.com CEO responds to complaints of login issues after $31 million hack
Data breaches continue to pile up in Brazil
Don’t scan that QR code! Hackers are using them to steal your info and money
Dutch cybersecurity agency warns of lingering Log4j risks
Experts Find Strategic Similarities b/w NotPetya and WhisperGate Attacks on Ukraine
Jefferson Health data breach affects 9,000 patients
Make Data Protection Compliance Part of Your Business Strategy
Microsoft warns of large 'Upgrade' phishing campaign
Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure
One third of ‘phishing’ websites usually disappear within 24 hours
OpenSubtitles Hacked - Data Breach Affected 7 Million Subscribers
Sacramento County phishing scam data breach exposed health and personal information
School District reports a 334% hike in cybersecurity insurance costs
‘SIM Swapping’ Explained | What’s SIM Swapping and Why Is It So Dangerous?
Simple malware is draining millions in crypto from retailers: Report
Someone Appears to Have Hacked the USDA’s Website to Share Pirated Movies
What is a cyber incident and how to prevent our computers and mobile phones from being attacked?
Why this threat intelligence expert believes cyberattacks aren’t Ukraine’s biggest concern
21/01
Amazon fake crypto token investment scam steals Bitcoin from victims
Biden Signs Authority for NSS to NSA: Think CISA for Military, Intel Systems
Chinese APT deploys MoonBounce implant in UEFI firmware
Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks
Conti ransomware gang started leaking files stolen from Bank Indonesia
COVID19 Phishing Emails Surge 500% on Omicron Concerns
Cybersecurity industry trends from 2021 bound to shape this year’s threat landscape
Does Your Cyberinsurance Policy Cover Cyberwar?
Exposed records exceeded 40 billion in 2021
FBI warning: This new ransomware makes demands of up to $500,000
GA: Peachtree Orthopaedic Clinic reports breach to HHS
Google Drive starts warning users about suspicious files
Google Project Zero discloses details of two Zoom zero-day flaws
How do IT leaders plan to overcome remote work security challenges?
How to Build a Security Awareness Training Program
(ISC)2 Appoints its First CISO
Japan’s Supreme Court rules cryptojacking scripts are not malware
McAfee Agent bug lets hackers run code with Windows SYSTEM privileges
Memorial Health System Confirms Data Breach
Microsoft disables Excel 4.0 macros by default to block malware
MoonBounce UEFI implant spotted in a targeted APT41 attack
Nasty Linux kernel bug found and fixed
New Log4j 1.x CVEs, and critical Chainsaw Vulnerability — What to Do?
NYU Langone notified 1,123 patients of privacy issue due to mailing vendor error
Over 90 WordPress themes, plugins backdoored in supply chain attack
Pennsylvania Approves Ransomware Bill
Phishing impersonates shipping giant Maersk to push STRRAT malware
Should You File a Claim in a Data Breach Settlement?
SonicWall shares temp fix for firewalls stuck in reboot loop
The importance of securing machine-to-machine and human-to-machine interaction
The Rise of the 24/7 Security Scanning Access Point
Two-Fifths of Ransomware Victims Still Paying Up
U.S. Sanctions 4 Ukrainians for Working with Russia to Destabilize Ukraine
When it comes to API security, expect the whole world to be testing your mettle, says Twitter CISO
20/01
21 sites institucionais do governo da Bahia são alvos de ataques de hackers
Applications Open for Next NCSC for Startups Cohort
Ataque hacker contra Cruz Vermelha expõe dados de mais de 500 mil vulneráveis
Ataque hacker é novo capítulo da disputa entre Rússia e Ucrânia; entenda...
Ataque hacker simultâneo tira do ar mais de 30% dos sites institucionais do governo da Bahia
Ataque hacker some com pelo menos US$ 15 milhões em Ethereum da Crypto
Biden Signs Memo to Boost National Cybersecurity
Biden signs memo to boost US national security systems’ defenses
Cheap malware is behind a rise in attacks on cryptocurrency wallets
CISA warns - upgrade your cybersecurity now to defend against "potential critical threats"
Cisco bug gives remote attackers root privileges via debug mode
Cyber risks top worldwide business concerns in 2022
Eleven Arrested in Bust of Prolific Nigerian BEC Gang
Endpoint malware and ransomware detections hit all-time high
FBI links Diavol ransomware to the TrickBot cybercrime group
Google Details Two Zero-Day Bugs Reported in Zoom Clients and MMR Servers
Indonesia's central bank confirms ransomware attack, Conti leaks data
Interpol Busted 11 Members of Nigerian BEC Cybercrime Gang
Microsoft fixes Outlook search issues for Windows 10 users
More than half of medical devices found to have critical vulnerabilities
Multichain token hack losses reach $3 million: report
New MoonBounce UEFI malware used by APT41 in targeted attacks
New SolarWinds Serv-U vulnerability exploited in Log4j-related attacks
ProtonMail introduces a new email tracker blocking system
Red Cross: Supply Chain Data Breach Hit 500K People
'Serial' romance fraudster jailed for trying to scam 670 people in the UK
The evolution of security analytics
Third Firmware Bootkit Discovered
Treasury Department sanctions four Ukrainians allegedly involved in Russian influence attempts
Twitter Mentions More Effective Than CVSS at Reducing Exploitability
US sanctions former Ukrainian official for helping Russian cyberspies
When protecting and managing digital identities, orchestration and automation are critical
WordPress plugin flaw puts users of 20,000 sites at phishing risk
19/01
Albuquerque Schools Confirm Ransomware Attack, Resume Class
Another Hack Faced By Lympo, Lost 165.2 Million LMT Tokens Worth $18.7 Million
Box flaw allowed to bypass MFA and takeover accounts
Cloud Native Application Protection Platform (CNAPP): An Evolving Approach to Cloud Security
Cultivating a security-first mindset for software developers
Donot Team APT will strike gov't, military targets for years - until they succeed
FBI warning: Crooks are using fake QR codes to steal your passwords and money
FIN8 Hackers Spotted Using New 'White Rabbit' Ransomware in Recent Attacks
Getting Ahead of Cybersecurity Challenges in 2022
Government to Regulate Crypto Advertising in New Crack Down
Interpol arrests 11 BEC gang members linked to 50,000 targets
Is cloud the solution to optimized data privacy?
Is White Rabbit ransomware linked to FIN8 financially motivated group?
Kings Plant Barn the latest retailer hit by click-and-collect data breach
Man Charged with Smuggling Tech Exports to Iran
Microsoft releases fix for patch that broke VPNs, Hyper-V virtual machines and more
Moncler confirms ransomware attack and data breach
Office 365 phishing attack impersonates the US Department of Labor
OpenSubtitles discloses successful extortion attempt, data breach
Phishers go after business email credentials by impersonating U.S. DOL
Tenable Research Reveals Over 40 Billion Records Were Exposed in 2021
This new ransomware comes with a small but dangerous payload
Thousands of US Public Sector Ransomware Victims in 2021
Trends that will shape the security industry in 2022
Zoom vulnerabilities impact clients, MMR servers
WEF Report: Cyber Risks Pose Global Threats
What are the barriers to moving legacy data to the cloud?
18/01
A small number of Crypto.com users reported suspicious activity on their wallet
AI and ML implementation in cybersecurity programs pushes for a change in people’s mindset
Beijing 2022 Winter Olympics app bursting with privacy risks
Bosses think that security is taken care of: CISOs aren't so sure
Brazilian Ministry of Health recovers systems over a month after cyberattack
Ca: Cyberattack at Arnprior Regional Health; data stolen
Cybersecurity Outlook for 2022: Emerging Threats
Data theft at Desjardins: the ex-employee wanted “no media coverage”
Don't Use Public Wi-Fi Without DNS Filtering
Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors
European Regulators Hand Out €1.1bn in GDPR Fines
Europol Shuts Down VPNLab, Cybercriminals' Favourite VPN Service
Europol shuts down VPN service used by ransomware groups
Fashion giant Moncler confirms data breach after ransomware attack
Governments struggle to deliver secure online citizen services
HHS Issues Trusted Health Data Exchange Governance Framework
How Buy Now, Pay Later is being targeted by fraudsters
How Brainjacking Became a New Cybersecurity Risk in Health Care
How tech is a weapon in modern domestic abuse -- and how to protect yourself
International police shut down 15 server infrastructures as part of VPNLab.net's takedown
Microsoft Issues Out-of-Band Update for Patch Tuesday Problems
Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues
Microsoft: This new browser feature is 'huge step forward' against zero-day threats
More Than Half of Organizations Face Gaps in Their Zero-Trust Implementations: Fortinet
Mt: IT firm C-Planet fined €65,000 over massive voter data breach
NCA: Kids as Young as Nine Have Launched DDoS Attacks
New White Rabbit ransomware linked to FIN8 hacking group
PCI SSC updates card security standards to secure the card production process
Researchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts
South Africa’s new traffic fine system exposed personal data
South Australian gov issues breach notice to hacked payroll provider
The security of devices held by public sector employees
This VPN service used by cyber criminals to deliver ransomware has just been taken down by police
UK government announces crackdown on cryptocurrency adverts
Zero-trust security market to reach $64.4B by 2027
17/01
2G's security weaknesses are still a problem, even for modern phones
Accellion Reaches $8.1m Data Breach Settlement
Aditya Birla Fashion and Retail Ltd faces data breach, company says investigation underway
Ataques hacker: o copia e cola do governo
BioPlus Specialty Pharmacy Faces Lawsuit Over Healthcare Data Breach
Bug in WebKit's IndexedDB implementation makes Safari 15 leak Google account info... and more
Chrome Limits Websites' Direct Access to Private Networks for Security Reasons
Clarins reports data breach; Singaporean customers may be affected
Crypto Burgers: hackers invadem jogo blockchain e roubam R$ 4,2 milhões em criptomoedas
Crypto.com confirms suspicious activity after users report stolen funds
Cyber espionage campaign targets renewable energy companies
Cybercrime: Rising Concern to Cyber World
Dark Web's Largest Marketplace for Stolen Credit Cards is Shutting Down
DHL dethrones Microsoft as most imitated brand in phishing attacks
DHL, Microsoft, WhatsApp top phishing list of most imitated brands
EHR Vendor Faces Legal Action Over Data Breach
Former Inspector General Pleads Guilty to Software Theft
'Hackers do bem': habilidades necessárias vão além do conhecimento técnico
Global cyber crime damages to exceed $10tn