NEWS: Janeiro (23/01 - 29/01) - 04 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

29/01

6 ways to protect your personal devices

32 new ransomware families in 2021, a 26 per cent YoY increase: Report

Are iPhones more secure than Android phones?

Aspire Credit Union in Minot warns clients of fraudulent website

Country's biggest double glazing installer Safestyle UK is hit by a cyber attack as spies warn of a threat from Russian hackers linked to fears of military action against Ukraine

Covid-related email scams spike with the rise in Omicron cases: Report

Cybercriminals increasingly utilizing Excel add-in files to spread malware: HP report

Designing security to mitigate growing ransomware threats

Epidemic of scams: Singapore victims lost over $712 million in 5 years

How to insulate against cyber-attacks

How to Protect Your Business From Cyber-Attacks in 2022

In Israel, ransomware attacks against private companies pose a new kind of national security threat

Iranian ‘honey trap’ sites try to enlist spies to ostensibly work for Israel (Report)

LandBank to cooperate with NBI in probe into alleged phishing victimizing teachers

Nearly $1 billion lost by scam victims in Singapore since 2016

New Mexico prison forced offline due to ransomware attack

North Korean hackers launch attack using Windows Update and GitHub

One in three phishing websites disappears within the first 24 hours

Over 20,000 data center management systems exposed to hackers

Singapore victims lost over $712 million in 5 yrs: Report

What Is a Human Firewall? Can It Protect You Against Cyberattacks?

What Is Patch Management and How Can You Implement It?

Windows vulnerability with new public exploits lets you become admin

Zimbabwe criminals go hi-tech

28/01

Act Sooner to Prepare for the Increasing and Emerging Security Challenges

Back to Basics: What Security Leaders Need to Do to Protect their Organizations

BlackCat ransomware targeting US, European retail, construction and transportation orgs

Cyberinsurance: Federal Court Interprets Banking Fraud Policy

DeFi platform Qubit Finance begs hacker to return $80 million in stolen funds

EU to create pan-European cyber incident coordination framework

Fake Cash Scams Thrive on Facebook and Insta—FTC

Finnish diplomats’ phones infected with NSO Group Pegasus spyware

Finland warns of Facebook accounts hijacked via Messenger phishing

From Drone to Counter-Drone: The Shifting Role of Cybersecurity

Google Play app dropped Vultur banking Trojan on Android handsets

Google unveils new differential privacy tool for Python developers processing data

Hackers are taking over CEO accounts with rogue OAuth apps

Hackers Using Device Registration Trick to Attack Enterprises with Lateral Phishing

Healthcare industry most common victim of third-party breaches last year

How to avoid an open source security nightmare

IA: Ottumwa dental office notifies patients of 2020 ransomware attack

Microsoft Outlook RCE zero-day exploits now selling for $400,000

Microsoft unveiled hackers process of infecting devices via phishing

Most Ransomware Infections are Self-installed

NCSC alerts UK orgs to brace for destructive Russian cyberattacks

NCSC Warns UK Organizations to Prepare for Russian Cyber-Attacks

North Korean Hackers Return with Stealthier Variant of KONNI RAT Malware

North Korean Hackers Using Windows Update Service to Infect PCs with Malware

Online Investment Fraud Network Taken Down by Law Enforcement

Programmers Using New Evasive Technique to Deliver AsyncRAT Malware

QNAP force-installs update after DeadBolt ransomware hits 3,600 devices

Ransomware families becoming more sophisticated with newer attack methods

Scammers target us on social media now more than ever

Silkworm security? Researchers create new authentication method using silk fibers

The future of work: Employee privacy

The modern workplace: Will remote tech workers tolerate being monitored?

This Hacker group is using a new method to inject virus into devices

UK: Data breach at Greensward Academy

UK security centre urges companies to boost their defences after cyberattacks on Ukraine

US bans major Chinese telecom over national security risks

Use of AI to fight insurance fraud hits all-time high

Water Utilities Get 100-Day Cybersecurity Plan

What the Cybersecurity Leaders Are Saying About Data Privacy

White House Releases Zero Trust Strategy for Federal Government

Why we can’t put all our trust into AI

Your personal data is valuable, and dangerous in the wrong hands. It's time to protect it better

27/01

65% of organizations continue to rely on shared logins

105 million Android users targeted by subscription fraud campaign

A new highly evasive technique used to deliver the AsyncRAT Malware

Attackers add rogue PC to victims' networks in this sneaky phishing campaign

Chaes Banking Trojan Hijacks Chrome Browser with Malicious Extensions

DeepDotWeb admin imprisoned for advertising illegal dark web markets

DeepDotWeb operator sentenced to eight years behind bars

Digital IDs under attack: How to tackle the threat?

EyeMed agrees $600,000 settlement over 2020 data breach

Experts analyze first LockBit ransomware for Linux and VMware ESXi

Familiarity with vaccine passport tech is laying the foundations for digital IDs

Fraud detection and prevention market to reach $75,139.66 million by 2028

How a Healthcare Provider Secures Its Cloud Infrastructure

How would zero trust prevent a Log4Shell attack?

IT and DevOps Staff More Likely to Click on Phishing Links

Konni remote access Trojan receives 'significant' upgrades

Lockbit ransomware gang claims to have hacked Ministry of Justice of France

Malware resets Android devices after performing fraudulent wire transfers

Mentoring and Role Models Key to Improving Female Representation in Cybersecurity

Microsoft mitigated a 3.47 Tbps DDoS attack, the largest one to date

Microsoft mitigated a record 3.47 Tbps DDoS attack on Azure users

Nearly $9bn Laundered in Cryptocurrency in 2021

North Korea Loses Internet in Suspected Cyber-Attack

Patching the CentOS 8 Encryption Bug is Urgent – What Are Your Plans?

Puerto Rico was hit by a major cyberattack

QNAP: Act Now to Mitigate DeadBolt Ransomware

Small Business Best Practices for Email Security

What makes achieving cyber resilience difficult?

Widespread FluBot and TeaBot Malware Campaigns Targeting Android Devices

26/01

Apple Releases iOS and macOS Updates to Patch Actively Exploited 0-Day Vulnerability

Best Cybersecurity Research Paper Revealed

Buy now, pay later fraud, romance and cryptocurrency schemes top the list of threats this year

Cybercriminals Using QR Codes to Steal Financial Info, FBI Warns

Data Breach Alert: Rockingham Mutual Group, Inc.

DataPrivacyWeek: Online Trackers Can Detect 80% of Users' Browsing History

DazzleSpy: macOS backdoor delivered through watering hole attacks

DazzleSpy: Pro-democracy org hijacked to become macOS spyware distributor

DDoS protection and mitigation market to reach $6.7 billion by 2026

Experts Reveals 29% Surge in Bugs Used by Ransomware Actors

EyeMed Fined $600k Over Data Breach

German govt warns of APT27 hackers backdooring business networks

Government Trials Effort to Make Bug Scanning Easier

Hackers Using New Evasive Technique to Deliver AsyncRAT Malware

How to achieve greater cyber resiliency

Initial Access Broker Involved in Log4Shell Attacks Against VMware Horizon Servers

IT pros say privacy regulations are more helpful than harmful

Lessons Learned from Ireland’s Healthcare System Ransomware Attack

Log4J: BlackBerry finds Prophet Spider access broker exploiting VMware Horizon

Merck claims victory in NotPetya ransomware dispute

Microsoft warns of phishing campaign targeting OAuth tokens

New DazzleSpy malware infects macOS devices through hacked websites

New FluBot and TeaBot campaigns target Android devices worldwide

Nobel Foundation site hit by DDoS attack on award day

Open-source code: How to stay secure while moving fast

Phishing emails in Q421 focused on everyday tasks - research

PolKit vulnerability can give attackers root on many Linux distros (CVE-2021-4034)

QNAP warns of new DeadBolt ransomware encrypting NAS devices

Ransomware is still the biggest security worry for business, but it's not the only headache

Report: Cybercriminals laundered at least $8.6 billion worth of cryptocurrency in 2021

Rising Above Complexity to Secure IoT Devices

The Log4j flaw hasn't led to massive hacking attacks. But that doesn't mean the threat is over

Threat Actors Blanket Androids with Flubot, Teabot Campaigns

Trickbot will now try to crash researcher PCs to stop reverse engineering attempts

UK government security center, i100 publish NMAP scripts for vulnerability scanning

US healthcare company EyeMed reaches settlement following 2020 data breach

25/01

1Password partners with Brex for online payment tool

3 Common Cloud Misconfigurations to Avoid

53% of medical devices have a known critical vulnerability

AI to greatly enhance urban surveillance technologies

Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access

Belarus Activists Fire Ransomware at State Railway

Beware of fake tax apps pushing malware

Canada's foreign affairs ministry hacked, some services down

Cyber-Attack on Global Affairs Canada

Cyber Essentials Overhauled for New Hybrid Working Era

DDoS attacks on Minecraft event crippled the internet of a European country

EU launches bug bounty programs for five open source solutions

Experts Call for More Open Security Culture After VW Sacking

Google Drive flags nearly empty files for 'copyright infringement'

Google Drive now warns you of suspicious phishing, malware docs

Google reveals 'Topics' cookie replacement, acknowledges FLoC was problematic

Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets

Hackers hijacking Instagram accounts of companies and influencers, demanding ransom

Hackers Infect macOS with New DazzleSpy Backdoor in Watering-Hole Attacks

Healthcare fraud detection market to grow steadily by 2026

It’s time that the world learns from the past security breaks

Latest version of Android RAT BRATA wipes devices after stealing data

Linux kernel bug can let hackers escape Kubernetes containers

Microsoft warns about this phishing attack that wants to read your emails

Mirai splinter botnets dominate IoT attack scene

Missing Microsoft Intune certs break email, VPN on Samsung devices

New DazzleSpy malware targets macOS users in watering hole attack

PA: Pennsbury’s Computer System Breached, Incident Under Investigation

Russia arrests leader of “Infraud Organization” hacker group

Segway store hacked to steal customers' credit cards

Software is crammed full of bugs. This exciting project could banish most of them

Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks

Staff negligence is now a major reason for insider security incidents

Strong security starts with the strengthening of the weakest link: passwords

This cruel Android malware wipes phones after stealing money

This sneaky ransomware is now targeting Linux servers, too

Trellix finds OneDrive malware campaign targeting gov't officials in Western Asia

TrickBot Malware Using New Techniques to Evade Web Injection Attacks

UK Government Announces New Cyber Strategy to Protect Public Sector

Understanding and Preventing Account Takeover

Valuable information leaked from the website Co-Win leaked, here is how

Vulnerability Disclosures Rise to Meet Federal Requirements

Why organizations should consider adopting cloud governance as code

'We're losing control of our data' as breaches reach an all-time high

24/01

A 2022 priority: Automated mobile application security testing

Android malware BRATA wipes your device after stealing data

Attackers now actively targeting critical SonicWall RCE bug

Australian Prime Minister's WeChat Shanghaied by Chinese patriots

BHUNT password stealer targets crypto wallets through cracked software

China’s MY2022 App Could Do More Than Trace COVID-19 Exposure

Countries Now See Cyberspace as a Legitimate Realm to Create Strategic Outcomes

COVID test related scam emails still highly popular among cybercriminals

Cracked screens aren't a problem with Akko Protection Plan

Cripto YouTubers são vítimas de tentativa de hack e golpe

Crooks tampering with QR Codes to steal victim money and info, FBI warns

Cybersecurity: 11 steps to take as threat levels increase

CWP bugs allow code execution as root on Linux servers, patch now

Dark Souls PvP servers taken down to investigate severe RCE flaw

Data Privacy Week: The 3 Ps Vital to Enhancing Your Online Data Privacy

Emotet spam uses unconventional IP address formats to evade detection

F5 fixes 25 flaws in BIG-IP, BIG-IQ, and NGINX products

Fraud detection is great, but you also need prevention

Hackers Creating Fraudulent Crypto Tokens as Part of 'Rug Pull' Scams

Hackers hijack smart contracts in cryptocurrency token 'rug pull' exit scams

Hackers say they encrypted Belarusian Railway servers in protest

How Businesses Can Put Privacy First

IRS to Require New ID Verification

Log4j: Mirai botnet found targeting ZyXEL networking devices

Malicious PowerPoint files used to push remote access trojans

Microsoft: We're switching off Excel 4.0 macros by default to protect you against security threats

Myanmar's military junta seeks ban on VPNs and digital currency

NSF Awards $29m to Cybersecurity Scholarships

Predict 2022: Top Cybersecurity Threats for 2022

Ransomware gangs increase efforts to enlist insiders for attacks

Researchers break down WhisperGate wiper malware used in Ukraine website defacement

SBA Announces $3m Cybersecurity Program

Spike in brand abuse attacks, 3-D Secure transaction volume rising

Tor Project appeals Russian court's decision to block access to Tor

Tor Project battles Russian censorship through the courts

Two in Five IT Security Managers Considering Quitting Their Jobs

UK's Privacy Tsar Mounts Fierce Defense of End-to-End Encryption

Unusual ‘Donald Trump’ Packer Malware Delivers RATs, Infostealers

US Adds 17 Exploited Bugs to "Must Patch" List

US Data Breaches Surge 68% to All-Time High

ZTNAs Address Requirements VPNs Cannot. Here's Why.

What is challenging multicloud adoption?

23/01

An attacker causing trouble since 2020 found to be linked to Innefu labs in India

Attackers use public cloud providers to spread RATs

Brazil: Acesso Soluções de Pagamento customers had Pix key data leaked

Cyber risk alert for banks

Cybersecurity recommended for employees amid study suggesting 32% Nigerian firms favour remote work

Emotet Now Using Unconventional IP Address Formats to Evade Detection

Enovos issues warning for phishing attempts

FBI warns of malicious QR codes used to steal your money

High-Severity Rust Programming Bug Could Lead to File, Directory Deletion

How to Spot a Fraudulent Website

Israel: Police Used NSO Malware to Spy on Three Mayors

Microsoft tests a new "Rejuvenated" Windows 11 Task Manager, how to enable

More than 40 billion records exposed worldwide in 2021: Report

“Não temos evidências de golpes”, diz especialista após vazamento de dados do Pix

OCBC phishing attacks were 'fast and furious' and 'well-strategised', says group CEO

OCBC ups security measures following spate of SMS phishing scams

OpenSubtitles data breach impacted 7 million subscribers

Pandemia de hackers? Atenção em 2022 será com vírus da covid e de sistemas

University of Arkansas for Medical Sciences notifying 518 patients after employee emailed PHI to her personal gmail account

What Are DeFi Flash Loans & How to Prevent Flash Loan Attacks?

Will the Ukraine Conflict Lead to More Global Cyber Attacks?

NEWS: Janeiro (16/01 - 22/01) - 03 Semana de 2022