NEWS: Julho (11/07 - 17/07) - 28 Semana de 2021
Cyber Security News !!!

17/07
$10 million rewards bolster White House anti-ransomware bid - Columbia Basin Herald
42% of UAE companies close down after falling victim to ransomware - ITPro
75.000+ Customers Affected in CNA Ransomware Attack - Kratikal Blogs
China's New Law Requires Researchers to Report All Zero-Day Bugs to Government - The Hacker News
D-Link issues beta hotfix for multiple flaws in DIR-3040 routers - Security Affairs
Ecuador's state-run CNT telco hit by RansomEXX ransomware - Bleeping Computer
Facebook catches Iranian spies catfishing US military targets - ARS Technica
HelloKitty ransomware is targeting vulnerable SonicWall devices - Bleeping Computer
‘Highly sophisticated’ ransomware attack sidelines Cloudstar - The Title Report
Instagram Launches 'Security Checkup' to Help Users Recover Hacked Accounts - The Hacker News
Phishing scammers increasingly targeting users through messenger apps: Report - The Hindu Business Line
Ransomware task force to be set up by US government - TechStory
Researchers Found Several Cryptographic Flaws in the Telegram App - TechNadu
Scary new malware that live streams your screen – Here’s what to look for - Kim Komando
Spain arrests 16 hackers in crackdown on banking malware campaigns - Teiss
Telemarketing Scammers Who Made $4.5 Million Convicted in the U.S. - TechNadu
The biggest leak in 2020 reveals increased costs due to cloud security misconfiguration - Illinois News Live
The education sector hasn’t made the grade when it comes to ransomware protection - Education Technology
Trump hacker and friends on a mission to fix the internet - Dunya News
U.S. announces up to $10m bounty on nation-state hackers - Teiss
U.S. to combat ransomware attacks with crypto tracing mechanisms - Investing
Under Attack: California Schools Face Ransomware Threat - Jefferson Public Radio
Urgent warning over 'Amazon Rewards' email scam - Dorset Echo
White hat hacker saves $117,000 in crypto from MetaMask phishing attack - The Block

16/07
57% of reported incidents are caused by insiders - Help Net Security
Bug bounty platform urges need for firms to have vulnerability disclosure policy - ZDNet
Chinese APT LuminousMoth abuses Zoom brand to target gov't agencies - ZDNet
Cloudflare fixes CDN code execution bug affecting 12.7% of all sites - Bleeping Computer
Colorado Becomes the Fifth U.S. State to Enact a Personal Data Protection Law - TechNadu
Cyberattack on Moldova's Court of Accounts destroyed public audits - Bleeping Computer
Facebook Suspends Accounts Used by Iranian Hackers to Target US Military Personnel - The Hacker News
Google Chrome 91.0.4472.164 fixes a new zero-day exploited in the wild - Security Affairs
Google patches 8th Chrome zero-day exploited in the wild this year - Bleeping Computer
Governance metrics lagging in ESG reporting across major organizations - Help Net Security
How Iranian Hackers Targeted U.S. Military Personnel on Facebook - TechNadu
How to strike the balance between privacy and personalization in healthcare and beyond - Help Net Security
India Excludes Apple ‘iMessage’ From New Social Media Regulations - TechNadu
Israeli Firm Helped Governments Target Journalists, Activists with 0-Days and Spyware - The Hacker News
Israeli Spyware Vendor Linked With Microsoft Windows Zero-Day Exploits - TechNadu
May ransomware blight all the cyber stragglers and let God sort them out - ZDNet
Microsoft alerts about a new Windows Print Spooler vulnerability - Security Affairs
Microsoft Defender for Identity now detects PrintNightmare attacks - Bleeping Computer
Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks - ZDNet
New enhanced Joker Malware samples appear in the threat landscape - Security Affairs
Nottingham City Transport Falls Victim to a Service-Disrupting Cyberattack - TechNadu
Ransomware is the New-age Atomic Bomb - Security Boulevard
Stalkers: ‘Ugly Truth’ of Facebook Staff Abusing Private Data - Security Boulevard
The Definitive RFP Templates for EDR/EPP and APT Protection - The Hacker News
Threat Modeling in the Age of Automation - Security Boulevard
Toddler mobile banking malware surges across Europe - ZDNet
U.S. Government sets up ransomware task force, offers $10 million reward for info - Help Net Security
Windows Print Spooler hit with local privilege escalation vulnerability - ZDNet
Ypsomed ‘MyLife’ App Vulnerable to Low-Complexity Remote Attacks - TechNadu

15/07
22% of exploits for sale in underground forums are more than three years old - Help Net Security
31% of US companies are forced to close down after a ransomware attack - Tweaktown
As More Ransomware Attacks Hit, Kansas City Companies Step Up - KCUR
Cancer patient to sue Cork's Mercy Hospital over cyber hack - Irish Examiner
Cybercriminals customizing malware for attacks on virtual infrastructure - Help Net Security
Disrupting Ransomware with Advanced File System Techniques - Security Boulevard
Healthcare suffering from DNS attacks more than other industries - Help Net Security
India: Army officers' laptops targeted using German IP address - Deccanherald
Multi-cloud environments creating additional security challenges - Help Net Security
O voto impresso é uma boa ideia? Entenda a polêmica, e saiba a resposta - Super Interessante
Phishing Attacks On Social Media Explained: Dos and Don’ts - Fossbytes
Phishing attacks via WhatsApp soar in India: Report - The Sentinel
Protect from cyberattacks via security and insurance - Hotel Business
Russian ransomware gang REvil goes offline - The Telegraph Online
SonicWall Releases Urgent Security Notice About Actively Targeted EOL Devices - TechNadu
Sophos Delivers State Of Ransomware Education Report - Channel News

14/07
4 Factors That Should Be Part of Your Cybersecurity Strategy - CSO USA
5 useful tools to combat ransomware attacks - Healthcare ITNews
54% of businesses now have a policy in place to deal with ransomware attacks - Help Net Security
ACE Takes Down IPTV Service “Premiumcccam.net” in a Serbian Operation - TechNadu
Almost all organisations have suffered insider data breaches - Insight
BazarBackdoor sneaks in through nested RAR and ZIP archives - Bleeping Computer
Businesses relying on data to achieve post-pandemic digital transformation goals - Help Net Security
California Schools Face Rising Ransomware Threats - KQED
China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks - Security Affairs
City of Tulsa launches online tool to see if personal data released on dark web - 2 News Oklahoma
CNA finalises investigation into cyberattack - Insurance Buisness
Dealing with security vulnerabilities on data center servers requires more skilled staff - Help Net Security
Ensuring HIPAA compliance when using the cloud - Help Net Security
Firefox 90 lands with just-in-time support for unblocking Facebook when users log in - ZDNet
Gmail update will go some way to eliminating phishing once and for all - Techradar Pro
Google details recent malware campaigns amid uptick in zero-day attacks - ZDNet
How to Handle Security Incidents and Data Breaches - CIO Insight
If Ransomware Is A 9/11-Level Threat, Then It’s Time To Respond Accordingly - Forbes
Insider data breaches are running rampant - Techradar Pro
Microsoft July 2021 ‘Patch Tuesday’ Brings 117 Fixes, 4 for Zero-Days - TechNadu
Rebuilding your security culture as employees return to the office - Help Net Security
Singapore's Changi Airport is using digital certificates to speed up immigration checks - ZDNet
The infrastructure and websites used by REvil ransomware gang are not reachable - Security Affairs
This Is How Iranian State Actors Steal User Credentials From Their Targets - TechNadu
Thousands of PS4s seized in Ukraine in illegal cryptocurrency mining sting - ZDNet
Trickbot updates its VNC module for high-value targets - Bleeping Computer
US charges Greek national for selling insider trading subscriptions in the Dark Web - ZDNet
Use This Definitive RFP Template to Effectively Evaluate XDR solutions - The Hacker News

13/07
1 in 5 companies fail PCI compliance assessments of their infrastructure - Help Net Security
A more dynamic approach is needed to tackle today’s evolving cybersecurity threats - Help Net Security
Addressing the cybersecurity skills gap: Where do we go from here? - Help Net Security
Adobe patches critical vulnerabilities in Reader, Acrobat, and Illustrator - Security Affairs
Amazon rolls out encryption for Ring doorbells - ZDNet
American retailer Guess discloses data breach after ransomware attack - Security Affairs
Brazil Suspended 334 Websites in Third Wave of “Operation 404” - TechNadu
CISA orders federal agencies to patch Windows PrintNightmare bug - Bleeping Computer
Critical Flaws Reported in Etherpad — a Popular Google Docs Alternative - The Hacker News
Critical vulnerability in Schneider Electric Modicon PLCs can lead to RCE (CVE-2021-22779) - Help Net Security
Facebook announces time bonus payouts for bug hunters - ZDNet
Firefox 90 adds enhanced tracker blocking to private browsing - Bleeping Computer
Gmail increases email security by adding support for BIMI - Help Net Security
Google's Certificate Authority Service leaves preview, now generally available - ZDNet
How Microsoft is taking cloud-powered innovation beyond Earth with Azure Space - Help Net Security
Iranian Hackers Posing as Scholars Target Professors and Writers in Middle-East - The Hacker News
It takes more than MFA to beat human hacking - Help Net Security
Microsoft July 2021 Patch Tuesday: 117 vulnerabilities, Pwn2Own Exchange Server bug fixed - ZDNet
Microsoft fixes Windows Hello authentication bypass vulnerability - Bleeping Computer
‘MobiKwik’ Says Forensic Audit Proves No User Data Was Ever Accessed - TechNadu
Modipwn: code execution vulnerability discovered in Schneider Electric Modicon PLCs - ZDNet
ModiPwn flaw in Modicon PLCs bypasses security mechanisms - Security Affairs
New BIOPASS malware live streams victim's computer screen - Bleeping Computer
Ransomware: Only half of organisations can effectively defend against attacks, warns report - ZDNet
Ransomware: We need a new strategy to tackle 'exponential' growth, says Interpol - ZDNet
REvil ransomware gang's web sites mysteriously shut down - Bleeping Computer
REvil websites down after governments pressured to take action following Kaseya attack - ZDNet
Romanian Youngster Who Used Cloned Cards on ATMs Arrested in the U.S. - TechNadu
Social media partially disrupted in Cuba amid anti-government protests - Security Affairs
SolarWinds patches zero-day exploited in the wild (CVE-2021-35211) - Help Net Security
These Iranian hackers posed as academics in a bid to steal email passwords - ZDNet
This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto - Security Affairs
Trickbot Malware Returns with a new VNC Module to Spy on its Victims - The Hacker News
US indicts dark web user 'The Bull' for insider trading - Bleeping Computer
What is the cost of an insider data breach? - Help Net Security

12/07
2020's largest leaks reveal the escalating cost of cloud security misconfigurations - ITProPortal
4 actions that can protect critical infrastructure from ransomware - GCN
79% of organizations identify threat modeling as a top priority in 2021 - Help Net Security
84% of organizations experienced phishing or ransomware attacks in the last year - ITPro
A wireless carrier was just hit by a data breach – Check your email - Kim Komando
Already a Record-Breaking Year for Ransomware, 2021 May Just Be Warming Up - APN News
Aussies have lost over AU$7 million to remote access scams already this year - ZDNet
Cities Key in War on Ransomware, Neuberger Tells Mayors - Security Boulevard
Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack - Threatpost
Cyber Week: council data breaches saw 12% spike in FY21 - Public Technology
Cybercriminals troll Iran's leader, cause railway network 'chaos' - ZDNet
Famous Smoke Shop website, store and lounge are shut down due to ransomware attack - Lehighvalleylive
Fashion Brand Guess Data Breach Impacts Customer Info - PYMNTS
Fashion retailer Guess discloses data breach after ransomware attack - Bleeping Computer
Gmail announces support for email logo authentication effort - ZDNet
Hackers Spread BIOPASS Malware via Chinese Online Gambling Sites - The Hacker News
Has your iPhone been hacked? This app will let you know (and tell you what to do) - ZDNet
Health insurers facing growing risk of customer data theft - Help Net Security
Here's how to opt-out of Google Chrome's Privacy Sandbox (FLoC) trials - ZDNet
How do I select a third-party risk management solution for my business? - Help Net Security
Interpol urges police to unite against 'potential ransomware pandemic' - Bleeping Computer
IT decision-makers doubt current data architectures will meet future model inferencing requirements - Help Net Security
IT, healthcare and manufacturing top targets for cyberattacks - Help Net Security
Kaseya issues patch for on-premise customers, SaaS rollout underway - ZDNet
Kaseya Patches Zero-Days Used in REvil Attacks - Threatpost
Kaseya ransomware attack: What we know now - ZDNet
Mermaids charity fined £25,000 for data breach - Research Live
Microsoft fixes Outlook crash issues when using Search bar - Bleeping Computer
New Eurocontrol Data Shows Airlines Increasingly Becoming Targets for Cyber Attacks - Aviation Today
New phishing attack SpoofedScholars targets professors and writers specializing in the Middle East - TechRepublic
PACS vulnerabilities, data breach spur lawsuit against radiology specialists - SC Magazine
Patient Info Exposed in Health Clinic Cyberattack Data Breach - Health IT Security
Paving the way for women in industrial cybersecurity research - Help Net Security
Ransomware attackers wanted $80,000 from York Animal Hospital. They won't pay - Seacoastonline
Ransomware: How banks and credit unions can secure their data from attacks - ZDNet
Ransomware: This new ransom tracker reveals how much bitcoin gangs have been paid - ZDNet
Reports show cybercriminals continuing to push boundaries - BIZReport
Russia criticized for ransomware attacks: ‘Criminals can do whatever they want’ - Commentary Box Sports
SolarWinds patches critical Serv-U vulnerability exploited in the wild - Bleeping Computer
Spreadshop hacked. T-shirt lovers warned of “considerably vicious” data breach - Graham Cluley
The most dangerous messaging apps on Android - TechRepublic
The Pentagon Tried to Take Down These Hackers. They’re Back - Daily Beast
Trend Micro: 84% of U.S. Organizations Hit with Ransomware, Phishing - Channel Futures
Understanding and stopping 5 popular cybersecurity exploitation techniques - Help Net Security

11/07
At long last: Kaseya restores VSA services shelved after ransomware row - SC Magazine
Biden urges Putin to crack down on cybercriminals - The Korea Times
Cisco on ransomware attacks: To pay or not to pay? - Tahawultech
Data theft from Meals on Wheels reveals gap in provincial privacy legislation, expert says - CBC
Disconnected? LinkedIn suffers data breach - Digital Journal
Holding The World To Ransom: Top 5 Online Gangs - Crypto News
How can you protect your personal, sensitive data online? - HackRead
Iran’s Transport Ministry hit by cyberattack - Telangana Today
Kaseya patches VSA vulnerabilities used in REvil ransomware attack - Bleeping Computer
Mint Mobile data breach allows hackers to port phone numbers: Report - Times Now News
New Website Aims To Shine A Light On Where Ransomware Payments Go - Forbes
On blockchains, privacy-preserving computing might avoid data leaks - The Coin Republic
Ransomware attack is over, at a cost of $300,000 - The Brussels Times
REvil ransomware attack illustrates IT systems need for epidemiological investigation - Calcalist Tech
Second cyberattack reported at Iranian Transportation Ministry - The Jerusalem Post
SEC charges dark web user of insider trading, money laundering - HackRead
The U.S. should treat cyberattacks as a national disaster - The Dallas Morning News
Washington Silent On Latest Ransomware Attack, Kremlin Says - OWP
What Do You Do If Your Business Experiences a Data Breach? - Chart Attack