NEWS: Janeiro (30/01 - 05/02) - 05 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

05/02


5 cybersecurity risks posed by ‘shadow IT’


Biden’s latest security message is based on ‘Zero Trust’


BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs


Cyber attack on Gloucester City Council means more time for people to have say on Debenhams plans


FBI shares Lockbit ransomware technical details, defense tips


Federal Trade Commission (FTC) Announces Final Settlement Over Equifax’s 2017 Data Breach


Fortune 500 service provider says ransomware attack led to leak of more than 500k SSNs


Hackers hold Hula Hoops hostage in cyber-raid on Britain’s KP Snacks


HKTVmall Announces Data Breach


How the growing Russian ransomware threat is costing companies dear


Increasing Adoption of Phishing Kits Puts MFA at Risk


Iranian APT group uses previously undocumented Trojan for destructive access to organisations


LockBit ransomware gang claims PayBito crypto exchange as new victim


Microsoft intercepted 35.7 billion phishing attempts in 2021


New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps


News Corp reports cyber data breach


Ransomware attack bill advances in Senate


That Zoom invite might be a clever phishing trick – Red flags to watch for


The digital world – Cyberwars, rumours or war and chess


Tips on how to keep your family safe online


War in Ukraine could send 'cyber attacks' and 'refugees' to Estonia


Washington state agency discloses data breach impacting hundreds of thousands of licensed professionals


Wrong timing: Mumbai firm’s owner calls cyber fraudster’s bluff



04/02


3 Ways to Ensure Cybersecurity for Legacy Systems


A look at the new Sugar ransomware demanding low ransoms


Airport services firm Swissport reports ransomware incident


All Linux Distributions Affected by 12 Year-Old PwnKit Local Privilege Escalation Bug Allowing an Attacker to Execute Commands as Root


An ALPHV (BlackCat) representative discusses the group’s plans for a ransomware ‘meta-universe’


Another Israeli Firm, QuaDream, Caught Weaponizing iPhone Bug for Spyware


Argo CD releases patch for zero-day vulnerability


Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers


Attackers Target Intuit Users by Threatening to Cancel Tax Accounts


Bank executives mostly concerned about cybercrime


Beware of the Attacks of Zombie Botnet


Binance CEO Warns of ‘Massive’ SMS Phishing Scam


Business Services Firm Morley Discloses Data Breach Affecting 500,000 People


CISA issues advisory warning of critical vulnerabilities in Airspan Networks Mimosa


Consultation on Gloucester Debenhams redevelopment extended after 'cyber incident'


HHS: Conti ransomware encrypted 80% of Ireland's HSE IT systems


China is Entering a New Era in Data Protections


Critical Infrastructure Attacks Spur Cybersecurity Investment


Cyber attacks on European oil facilities spreading


Cyber crooks targeted The Sun in an attack backed by China


Cybercrime: Darknet Markets Live On, Even as Players Change


Cybercrime Gang Tied to Ransomware Attacks in Germany, Colonial Pipeline Hackers


Data Breach Alert: SI Group Inc.


Exposed corporate credentials threatening the pharma sector


FBI Warns Olympics/Paralympics Participants of Cyber “Activities”


Freeze out hackers during the 2022 Winter Olympic Games


Halton residents warned over latest Covid email scam


How MDR Helps MSPs Navigate an Unfriendly Cyber Landscape


How NGOs can better protect sensitive data


How to check if your Gmail, iPhone or Facebook has been HACKED in seconds


Intuit releases security notices, warns of phishing emails ahead of tax season


Investment in data privacy in Brazil falls below global average


KP Snacks supply chain shut down by Conti ransomware attack


Limited IP resources leave smaller ISPs vulnerable to judgement errors when making tough cybersecurity calls


Microsoft: Russian FSB hackers hitting Ukraine since October


Microsoft disables MSIX protocol handler abused in Emotet attacks


Moody’s warns on the costs of cyber crime


More companies are using multi-factor authentication. Hackers are looking for a way to beat it


NATO Chief Says Alliance Helping Ukraine Bolster Cyber Defenses Against Russia


Neenah school district's insurance policy limits out-of-pocket expenses in Jan. 10 ransomware attack


New research reveals vicious tactics of ransomware groups


News Corp discloses hack from "persistent" nation state cyber attacks


NFT Wash Trading Made Scammers at Least $9m in 2021


Oil shipments in European oil hub delayed after cyber attacks


Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed


Phishing and stealers dominate dark web forums (but don't mention ransomware)


Phishing kits that bypass MFA protection are growing in popularity


Rhode Island AG opens investigation into UnitedHealthCare after data breach


Russian Gamaredon Hackers Targeted 'Western Government Entity' in Ukraine


Seems Phishy? It Probably Is: Debunking 4 Myths That Put Your Clients at Risk


SEPA still unclear of cyber-attack financial impact


Swissport ransomware attack delays flights, disrupts operations


Tennessee College Hit with Ransomware


That Email About an Equifax Data Breach Settlement Is Real


The Alpha and Omega of software supply chain security


Trio of RCE CVSS 10 vulnerabilities among 15 CVEs in Cisco small business routers


What Prescott, Ariz., Learned 'Dodging a [Ransomware] Bullet'


What your organization can learn from the $324 million Wormhole blockchain hack


White House Issues Further Guidance for Federal Agencies on Cybersecurity Priorities


Why Cybersecurity is a Major Concern for Food Firms in 2022


Wormhole restores stolen $326 million after major crypto bailout


03/02


3D printed guns, underground markets, bomb manuals: police crackdown continues


A Majority Of Surveyed Companies Were Hit By Ransomware Attacks In 2021—And Paid Ransom Demands


Bring a burner to the Olympics, and other mobile device travel safety tips


Building confidence in your system’s security with chaos engineering


China condemns US ban on telco, urges need for fair treatment


CISA Warns of Critical Vulnerabilities Discovered in Airspan Networks Mimosa


Cisco plugs critical flaws in small business routers


Companies woefully unprepared for CCPA compliance


Crisp supply shortage looms after KP Snacks hit by ransomware


Critical Flaws Discovered in Cisco Small Business RV Series Routers


Cybersecurity: Many managers just don't want to understand the risks


Data Breach Alert: Professional Personnel Services dba Luttrell Staffing Group


Data Breach Alert: Unum Group


Data breach at ICRC


European oil port terminals hit by cyberattack


Financially Motivated Hackers Use Leaked Conti Ransomware Techniques in Attacks


Growing Number of Phish Kits Bypass MFA


Hackers Exploited 0-Day Vulnerability in Zimbra Email Platform to Spy on Users


Home Improvement Firm Fined £200k for Nuisance Calls


How are collaboration apps fairing in remote work environments?


How organizations are arming themselves to combat threats


How Phishers Are Slinking Their Links Into LinkedIn


How SSPM Simplifies Your SOC2 SaaS Security Posture Audit


Hula Hoops, Space Raiders and nuts shortage warning after KP Snacks ransomware attack


Insurance Company Refuses to Pay Ransomware Claim


Intuit warns of phishing emails threatening to delete accounts


KP Snacks cyber attack could lead to a shortage of nuts, crisps and popular snacks


KP Snacks Hit by Cyber-attack


Kronos Still Dragging Itself Back From Ransomware Hell


Law enforcement pressure forces ransomware groups to refine tactics in Q4 2021


Menlo Security Identifies New HEAT Cyberthreats


MFA adoption pushes phishing actors to reverse-proxy solutions


Microsoft: This Mac malware is getting smarter and more dangerous


New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software


New Variant of UpdateAgent Malware Infects Mac Computers with Adware


New Wave of Cyber Attacks Target Palestine with Political Bait and Malware


Online Thieves Steal $320m from Crypto Firm Wormhole


People working in IT related roles equally susceptible to phishing attempts as the general population


Phishing kits' use of man-in-the-middle reverse proxies is growing, warns Proofpoint


PowerPoint Files Abused to Take Over Computers


Ransomware Often Hits Industrial Systems, With Significant Impact: Survey


Shortage of KP Nuts and Hula Hoops looms after cyber-attack


St. Clair County Data Breach Impacted More Than 600 People


State hackers' new malware helped them stay undetected for 250 days


Symantec finds evidence of continued Russian hacking campaigns in Ukraine


Target open sources scanner for digital credit card skimmers


UEFI firmware vulnerabilities affecting Fujitsu, Intel and more discovered


What Does an Internal Attack Resulting in a Data Breach Look Like in Today’s Threat Landscape?


White House creates board to review cybersecurity incidents, members to start with Log4J


Wormhole hack – Hackers steal $320M in one of the largest crypto heists


Zimbra zero-day vulnerability actively exploited to steal emails


02/02


1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Info — Mandiant


Analysts Uncover New Iranian Hacking Campaign Targeting Turkish Users


Arid Viper hackers strike Palestine with political lures and Trojans


Automation is the Future of (Digital Certificate) Security


Automotive cybersecurity market size to reach $5.3 billion by 2026


BlackCat ransomware implicated in attack on German oil companies


Business services provider Morley discloses ransomware incident


CareSouth Carolina hit with proposed class action lawsuit


CVSS 9.9-Rated Samba Bug Requires Immediate Patching


Cyber-attack strikes German fuel supplies


E-mail com @gov.br é usado em golpes porque governo não registrou domínio


ESET releases fixes for local privilege escalation bug in Windows Applications


Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op


Fake Influencer Flags Hacking Tactics


FBI warning: Scammers are posting fake job ads on networking sites to steal your money and identity


GitHub outage impacts Actions, Codespaces, Issues, Pull Requests


How to measure security efforts and have your ideas approved


How to protect a corporate Wi-Fi network


IAB Prophet Spider Seizes Opportunity to Exploit Log4j Vulnerability


Intel unveils Circuit Breaker bug bounty expansion for elite hackers


Keep current on modern cybersecurity with an Infosec4TC membership


KP Snacks giant hit by Conti ransomware, deliveries disrupted


KP Snacks hit with ransomware attack


Meet CoinStomp: New cryptojacking malware targets Asian cloud service providers


Microsoft Defender for Endpoint now spots unpatched bugs in iOS and Android devices


Microsoft Sentinel adds threat monitoring for GitHub repos


New Malware Used by SolarWinds Attackers Went Undetected for Years


NordVPN and Surfshark announce merger


Ninety Percent of Security Leaders Warn of Skills Shortage


Office 365 boosts email security against MITM, downgrade attacks


Online Ad Association Fined for Privacy Violation


Orange County Launches Cybercrime Initiative


Persistent data breaches fueling developer interest in cybersecurity


Researcher found an Information Disclosure in the Brave browser


Rush to remote work left sysadmins struggling to keep businesses safe


Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)


Scottish Agency Still Recovering from 2020 Ransomware Attack


SEO poisoning pushes malware-laced Zoom, TeamViewer, Visual Studio installers


Sugar Ransomware, a new RaaS in the threat landscape


The definition of modern Zero Trust


Third of Employees Admit to Exfiltrating Data When Leaving Their Job


Top concerns for operating cloud-native technologies


Two initiatives that can move the needle for cybersecurity in 2022


UEFI firmware vulnerabilities affect at least 25 computer vendors


Update: Pellissippi State notifies individuals of data breach


What You Need to Do Today to Protect Against Account Takeover Attacks


What is driving NaaS adoption?


Windows 10 optional updates fix performance problems introduced last month


Your morning reminder that health data breaches are … everywhere



01/02


A cyber attack severely impacted the operations of German petrol distributor Oiltanking GmbH


Após ataque hacker, contas serão entregues com correção de valores, diz Sanesul


Beyond the Gas Station: Cybersecurity and Industrial Infrastructure


British Council exposed 144,000 files containing student details


British Council exposed more than 100,000 files with student records


British Council Students' Data Exposed in Major Breach


California Passes FLASH Act


CISA Tells Organizations to Patch CVEs Dating Back to 2014


Civil rights groups launch effort to stop IRS use of 'flawed' ID.me facial recognition


Cyber-Attack on Oil Firms


Cyberspies linked to Memento ransomware use new PowerShell malware


Data Leak Exposes IDs of Airport Security Workers


Dozens of Security Flaws Discovered in UEFI Firmware Used by Several Vendors


FBI: Olympic Athletes Should Leave Devices at Home


Forescout acquires healthcare cybersecurity provider CyberMDX


German petrol supply firm Oiltanking paralyzed by cyber attack


How ready are federal agencies for zero trust implementation?


Infosec products of the month: January 2022


Iran-linked MuddyWater APT group campaign targets Turkish entities


Iranian Hackers Using New PowerShell Backdoor in Cyber Espionage Attacks


Island Unveils More Secure Enterprise Browser


Malicious CSV text files used to install BazarBackdoor malware


Microsoft Defender now detects Android and iOS vulnerabilities


Mozilla adding multi-account containers to VPN offering


MuddyWater hacking group targets Turkey in new campaign


One in seven ransomware extortion attempts leak key operational tech records


OpenSSF Launches Project to Secure Open Source Software


Organizations neglecting Microsoft 365 cybersecurity features


Powerful new Oski variant ‘Mars Stealer’ grabbing 2FAs and crypto


Ransomware: Is the party almost over for the cyber crooks?


RCE in WordPress plugin Essential Addons for Elementor impacts hundreds of thousands of websites


Real-Time Threat Detection in the Cloud


Review: Group-IB Threat Intelligence & Attribution (TI&A)


Shell forced to reroute supplies after cyberattack on two German oil companies


Social Security Numbers Most Targeted Sensitive Data


SolarMarker Malware Uses Novel Techniques to Persist on Hacked Systems


State-sponsored Iranian hackers attack Turkish government, private organizations


Telco fined €9 million for hiding cyberattack impact to customers


These hackers are hitting victims with ransomware in an attempt to cover their tracks


Top attack trends every organization should build resilience against


Ukraine Continues to Face Cyber Espionage Attacks from Russian Hackers


Understaffing persistently impacting enterprise privacy teams



31/01


277,000 routers exposed to Eternal Silence attacks via UPnP


Americans lost $770 million from social media fraud in 2021, FTC reports


Aussie Tech Entrepreneur Extradited Over SMS Fraud


Banking Trojan in Google Play App Store—‘2FA Authenticator’ drops Vultur RAT


CISA adds 8 vulnerabilities to list of actively exploited bugs


Crypto Finance Firm Offers $2m Bug Bounty to Hackers


Cybersecurity staff turnover and burnout: How worried should organizations be?


DeepDotWeb admin sentenced to 97 months in prison for money laundering scheme


Expert earned $100,500 bounty to hack Apple MacBook webcam and microphone


German Court Rules Websites Embedding Google Fonts Violates GDPR


Hackers stole $80M worth of cryptocurrency from the Qubit DeFi platform


How costly is an insider threat?


Microsoft: Here's how we stopped the biggest ever DDoS attack


Microsoft Office 365 to add better protection for priority accounts


Number of COVID-19 Testing Scams Jumps Sharply


Number of data compromises reaching all-time high


PDF Generator’s Eternal Bond with SSRF


Prison for Dark Overlord Collaborator


QNAP Ransomware: Thousands Infected with DeadBolt


Ransomware Gangs are Recruiting Your Employees


Ransomware: Over half of attacks are targeting these three industries


Reducing the blast radius of credential theft


Russian 'Gamaredon' hackers use 8 new malware payloads in attacks


The top reasons countries ask Google to remove content


Unsecured AWS server exposed 3TB in airport employee records


US Revokes China Unicom's License


Why vulnerability scanners aren’t enough to prevent a ransomware attack on your business


Your Graphics Card Fingerprint Can Be Used to Track Your Activities Across the Web



30/01


Apple Pays $100,500 Bounty to Hacker Who Found Way to Hack MacBook Webcam


Can Data Breaches Be GOOD For Some Corporate Brands?


China's Olympic apps may have security flaw


DeepDotWeb News Site Operator Sentenced to 8 Years for Money Laundering


Federal Trade Commission (FTC): Americans lost $770 million from social media fraud surge


FirstWatch reports sudden, sharp increase in cyberattacks against public safety


Hackers do Lapsus Group anunciam ataque ao site do Parlamento


Hackers que atacaram SIC e Expresso dizem ter pirateado site do Parlamento


Health care sector's cybersecurity threats


How to protect yourself as data breaches hit record levels


LandBank welcomes NBI probe on alleged phishing scam


OCBC reimburses SMS scam victims S$13.7 mil in goodwill payouts


Pakistan: How to leap forward in data protection


Ransomware attack took down R2 trillion investment company for five days


Researchers use GPU fingerprinting to track users online


Researchers Use Natural Silk Fibers to Generate Secure Keys for Strong Authentication


Russia cyber attacks warning: UK at risk from meddling linked to Ukraine conflict


The LockBit group claims to have stolen data from the Ministry of Justice of France


UK told to brace itself for Russian cyber attacks as Ukraine tensions escalate


Urgent Microsoft alert: New bug lets strangers take complete control of your emails


What Is a Software-Defined Perimeter?



NEWS: Janeiro (23/01 - 29/01) - 04 Semana de 2022





Who am I...

Apenas um amante da tecnologia e da Segurança da Informação. Hacker ? Até que prove ao contrário não.. Profissional ? Sim.. Mais de 20 anos no mercado de Segurança da Informação sempre atuando em grandes Empresas.

 

Levantando a bandeira de que hacker é um profissional e especialista naquilo que ele faz. Hacker é um especialista, um pesquisador, um profissional como outro qualquer.

Skatista, músico e fotógrafo de instagram nas horas vagas....

Procurar por Tags
Pelo Mundo Afora...
  • Twitter Social Icon
  • LinkedIn Social Icon