NEWS: Julho (18/07 - 24/07) - 29 Semana de 2021
Cyber Security, Information Security and Hacking News !!!!
24/07
Antivirus vs. VPN: Do you need both for online privacy and security? - Kim Komando
Calls for tougher stance toward Russia grow louder as ransomware attacks rage - Siliconangle
Cumbria Trading standards warn public on scam emails - Incumbria
Fake Windows 11 Installers Distributing Malware to Hopeful Users - TechNadu
FBI on High Alert on Olympic Games Potential Cybercriminal Attacks After Massive Data Breach - Tech Times
Florida DEO warns of unemployment data breach affecting nearly 58,000 - Catalyst
Guntrader.uk Hacked and User Details Shared for Free on Forums - TechNadu
Here's what we do and don't know about the cyberattack on Brockton police - The Enterprise
Kaspersky identifies new APT campaign - ITP Net
Microsoft shares mitigations for new PetitPotam NTLM relay attack - Bleeping Computer
Middle East Oil Giants Grapple With Cyberattacks - Markets Insider
New Facebook Messenger Phishing Campaign: It All Begins With an Invitation to Watch a Video - SmallCap News
Obtaining password hashes of Windows systems with PetitPotam attack - Security Affairs
Officials who are US allies among targets of NSO malware, says WhatsApp chief - The Guardian
Phishing scams targeting writers and Goodreads extortion scams - Digital Journal
The work of the Runet was tested in the exercise of disconnection from the global network - E Hacking News
UK National Lottery Community Fund Suffered a Catastrophic Data Breach - TechNadu
US accuses China of “malicious” cyberattacks, including Microsoft hacks | Hacking - Illinois News Live
US Loses $4.2B to Online Scams: Five to Be Aware of Right Now - Creek City Times
23/07
5 tips to mitigate and prevent ransomware attacks - India TV
16 Strategies To Ensure A Phishing Exercise Has A Strong And Lasting Impact - Forbes
40% fell victim to a phishing attack in the past month - Help Net Security
Akamai software update triggered a bug that took offline major sites - Security Affairs
Apple fixes bug that breaks iPhone WiFi when joining rogue hotspots - Bleeping Computer
Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows - Bleeping Computer
Breaking News: You can't believe everything you read on RaidForums…. - Data Breaches
BSides Vancouver 2021 – Ruchi Gautam’s ‘Privacy Concerns In The Connected Car Ecosystem’ - Security Focus
BSides Vancouver 2021 – Vivek Ponnada’s ‘Is The Power Grid A Huge Cybersecurity Risk?’ - Security Focus
Chinese Researchers Hid Malware Inside AI Without Affecting Its Functions - TechNadu
Companies Face Growing Legal Risks Over Ransomware Data Leaks - WSJ Pro Cybersecurity
Conti Ransomware Responsible For Attack On Irish Health Service - Swords Today
Dutch Police Arrest Two Hackers Tied to "Fraud Family" Cybercrime Ring - The Hacker News
Dutch Police Arrested Members of the “Fraud Family” Phishing Scheme - TechNadu
Emma Willard School hit by ransomware attack - Times Union
Estonian hacker Pavel Tsurkan pleads guilty for operating a proxy botnet - Security Affairs
Even after Emotet takedown, Office docs deliver 43% of all malware downloads now - ZDNet
Fear patient data may have been stolen from Auckland DHBs - stuff
Five in trouble with the state for unauthorized access of driver's information - Star Tribune
Government IT decision makers worried about security risks related to cloud migration - Help Net Security
Hidden crypto farm in Frankfurt restaurant exposed - Data Breaches
In the Pegasus world, only the cyber-paranoid survive - mint
‘Kaseya’ Got a Master Decryption Key From REvil and Restoration Is Underway - TechNadu
Kaseya Obtains Universal Decryptor for REvil Ransomware - Threatpost
Kaseya says it has now got the REvil decryption key and it works - ZDNet
Major news sites serve porn after vid.me domain takeover - Bleeping Computer
Microsoft warns over this unusual malware that targets Windows and Linux - ZDNet
Nasty macOS Malware XCSSET Now Targets Google Chrome, Telegram Software - The Hacker News
Nearly 140 phishing incidents observed by CERT-In during H1 2021 - Telecom Economic Times
Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach - Security Affairs
Pro-Trump MAGACOIN crypto launch marred by website data breach - Cointelegraph
ProtonVPN Review 2021 – Total Privacy Protection & Capable Features, at a High Cost! - TechNadu
Ransomware Hits Saudi Aramco, but Nobody is Immune - CXO Today
State Warns Of Driver’s License Phishing Scam - The Post-Journal
States Weigh Bans on Ransomware Payoffs - PEW
Tech firm hit by giant ransomware hack gets key to unlock victims’ data - The Guardian
The 25 most dangerous software vulnerabilities to watch out for - ZDNet
Transnet Undergoes Apparent Ransomware Hack - IT News Africa
Twitter reveals surprisingly low two-factor auth (2FA) adoption rate - Bleeping Computer
Uber found to have interfered with privacy of over 1 million Australians - ZDNet
UK gun owners urged to be ‘vigilant’ after Guntrader data breach - ITPro
User data privacy decisions can be easily manipulated - Help Net Security
Wake up! Identify API Vulnerabilities Proactively, From Production Back to Code - The Hacker News
West Virginia Center’s Health Data Breach Includes Patients’ PHI - Health IT Security
What Is An Identity and Access Management Solution and How Can Businesses Benefit From It? - Security Affairs
22/07
1,000 GB of local government data exposed by Massachusetts software company - ZDNet
740 ransomware victims named on data leak sites in Q2 2021: report - ZDNet
Akamai has trouble and the internet hiccups again - ZDNet
Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day - Threatpost
Apple security updates: iOS 14.7 fixes WiFiDemon flaw - Help Net Security
Asset inventory management: What’s the ROI? - Help Net Security
Atlassian asks customers to patch critical Jira vulnerability - Bleeping Computer
Attacks on critical infrastructure are dangerous. Soon they could turn deadly, warn analysts - ZDNet
China bans children under 16 from appearing in live-streaming and online video content - ZDNet
DDoS attacks are up, with ever-greater network impact - Help Net Security
Did you know a third of cybersecurity pros have experienced harassment? - Help Net Security
Financial services accounting for nearly 40% of all phishing URLs - Help Net Security
Gun owners' fears after firearms dealer data breach - BBC News
Hackers reportedly demand $50m from Saudi Aramco over data leak - BBC News
How (and Why) Hacker Forums Self-Moderate - Security Boulevard
Lack of cyber in Australian supply chain resilience plan has IBM concerned - ZDNet
Microsoft just published a workaround for this important Windows 10 flaw - ZDNet
Modi government accused of spying on critics and opponents using Pegasus spyware - ZDNet
New Malware Family “Coper” Spreads Among Colombian Android Users - TechNadu
Questions that help CISOs and boards have each other’s back - Help Net Security
Securing UX in Open Banking Apps - Security Boulevard
The Authorities Arrested Fourth Person Involved in 2020 “Twitter Bitcoin Hack” - TechNadu
TicketClub Italy Database Offered in Dark Web - Security Affairs
Thousands of Humana customers have their medical data leaked online by threat actors - Security Affairs
Who is responsible for improving security in the software development environment? - Help Net Security
Why you need to update your iPhone and iPad now - ZDNet
21/07
$49 malware receives major upgrade to strike both Windows and macOS PCs - ZDNet
A unified approach is the future of data backup - Help Net Security
Apple confirms iOS 14.7 unlocking bug headache, especially for enterprise users - ZDNet
Be: Hit by cyberattack, the Courcelles Public Social Action Center persevered to respond to floods and emergency conditions - Data Breaches
China dismisses Exchange attribution and accuses US of whitewashing its cyber heists - ZDNet
Chinese state hackers breached over a dozen US pipeline operators - Bleeping Computer
Chrome just added these big new security and privacy features - ZDNet
CISA warns of stealthy malware found on hacked Pulse Secure devices - Bleeping Computer
DDoS attacks increased 33% in H1 2021 - Help Net Security
Defending Against Pervasive Spyware - Security Boulevard
Despite good defensive measures, ransomware continues to get in - Help Net Security
Easily exploitable, unpatched Windows privilege escalation flaw revealed (CVE-2021-36934) - Help Net Security
Europe’s IT and business services market propelled by growing cloud-based services adoption - Help Net Security
France ANSSI agency warns of APT31 campaign against French organizations - Security Affairs
France warns of APT31 cyberspies targeting French organizations - Bleeping Computer
Google Chrome now comes with up to 50x faster phishing detection - Bleeping Computer
Image encryption technique could keep photos safe on popular cloud photo services - Help Net Security
Indictments, Attribution Unlikely to Deter Chinese Hacking, Researchers Say - Threatpost
Infections of Commodity Malware on macOS on the Rise Again - TechNadu
Joker billing fraud malware found in Google Play Store - ZDNet
Kelihos botmaster Peter Levashov gets time served - Security Affairs
LPE flaw in Linux kernel allows attackers to get root privileges on most distros - Security Affairs
MacOS Being Picked Apart by $49 XLoader Data Stealer - Threatpost
Malicious NPM Package Caught Stealing Users' Saved Passwords From Browsers - The Hacker News
Malware Distributors Abuse URL Shortener Services to Spread Dangerous Apps - TechNadu
Man Arrested in Connection with Alleged Role in July 2020 Twitter Hack - Data Breaches
Microsoft acquires privileged access management vendor CloudKnox Security - ZDNet
Microsoft shares workarounds for new Windows 10 zero-day bug - Bleeping Computer
Most companies still rely on manual tools and tech for internal audit processes - Help Net Security
Multiple Modem Routers Vulnerable to Unauthenticated Attacks - TechNadu
New Bill Could Force U.S. Businesses to Report Data Breaches Quicker - Security Boulevar
New Chrome Site Isolation and Phishing Detection Up the Browser’s Security Stance - TechNadu
NordVPN’s Kill Switch Not Working? – You’ll Want to Try These 5 Fixes! - TechNadu
NPM package steals Chrome passwords on Windows via recovery tool - Bleeping Computer
NPM Package Steals Passwords via Chrome’s Account-Recovery Tool - Threatpost
Pegasus scandal: Are we all becoming unknowing spies? - BBC
PrintNightmare: How To Check If Your Systems Are Still Vulnerable - Security Boulevard
Risk Based Vulnerability Management – Time to Move Away From the Whack-a-Mole Model - CISO Mag
Security and Culture are Key to Digital Transformation - Security Boulevard
Several New Critical Flaws Affect CODESYS Industrial Automation Software - The Hacker News
The U.S. Has Been Buying Surveillance Cameras From Blacklisted Chinese Companies - TechNadu
This password-stealing Windows malware is distributed via ads in search results - ZDNet
TikTok, Snapchat account hijacker arrested for role in Twitter hack - Bleeping Computer
US House terminates deal with iConstituent after company waited days to raise ransomware alarm - ZDNet
XLoader, a $49 spyware that could target both Windows and macOS devices - Security Affairs
XLoader malware steals logins from macOS and Windows systems - Bleeping Computer
XLoader Windows InfoStealer Malware Now Upgraded to Attack macOS Systems - The Hacker News
What is a security champion and do you need one? - Security Boulevard
20/07
16-year-old bug in printer software gives hackers admin rights - Bleeping Computer
16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines - ThreatPost
A New Security Paradigm: External Attack Surface Management - ThreatPost
Beware the crypto scammers: Fraudsters fleece British couple of £15,000 in NINE minutes through phishing scam - This is Money
Biden administration debating whether and how to sanction China for ransomware attacks - CNN
Browser Hijacking, Malware Pop-Ups, And “Legit-Looking” Phishing – It’s A Wild Web - Martech Series
Bug hunters asked to probe Microsoft Teams mobile apps, can earn up to $30k - Help Net Security
Calling out China for cyberattacks is risky — but a lawless digital world is even riskier - Outlook India
China Flatly Denies Hacking Allegations and Calls the U.S. ‘Irresponsible’ - TechNadu
China hits back at ‘fabricated’ US hacking allegations - Aljazeera
China rejects hacking charges, accuses US of cyberspying - WSAZ 3
Combating deepfakes: How we can future-proof our biometric identities - Help Net Security
Data breach over Pegasus snooping reported months ago - Mathrubhumi
Deepfakes: The Next Big Threat - Security Boulevard
Even highly skilled IT professionals fall prey to phishing attacks - TechRadar Pro
FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics - Bleeping Computer
Flash May Be Dead, but ‘Shlayer’ Campaigns Are Still Using It as a Disguise - TechNadu
Fortinet fixes bug letting unauthenticated hackers run code as root - Bleeping Computer
GDPR 3 years on: 43% of UK organisations reported to the ICO for a data breach - NetImperative
Geneva, Ohio discloses ransomware attack - Data Breaches Net
Google Cloud rolls out new security tools as threat landscape heats up - ZDNet
Google is using machine learning to stop DDoS attacks - ZDNet
Hacker behind LinkedIn scraping did it "for fun" - Computing
Hackers Put 1 TB of Saudi Aramco Stolen Data for Sale - Ihold
How do I select a data recovery solution for my business? - Help Net Security
Hundreds of touchscreen ticket machines are offline after a ransomware attack - ZDNet
IoT malware attacks rose 700% during the pandemic - Help Net Security
Is differential privacy the ideal privacy-enhancing computation technique for your business? - Help Net Security
Is Digital Forensics Possible in a COVID-19 scenario? - CISO Mag
Microsoft heads to court to take on imposter, homoglyph domains - ZDNet
MosaicLoader Malware Delivers Facebook Stealers, RATs - Threatpost
Most financial services mobile apps still rely on passwords, even with added friction - Help Net Security
Nasty Linux systemd security bug revealed - ZDNet
New MosaicLoader malware targets software pirates via online ads - Bleeping Computer
New Survey Reveals Extensive Devastation in the Aftermath of Ransomware Attacks - CISION PR Newswire
Northern's ticket machines hit by ransomware cyber attack - BBC News
Over 68K Advocate Aurora Patients Impacted by Elekta Health Data Breach - Health IT Security
Providing Security as a Service in the Wake of a High-Profile Ransomware Attack - XaaS Journal
Ransomware incident at major cloud provider disrupts real estate, title industry - Data Breaches Net
Ransomware: International cooperation is needed to curb these cybersecurity threats, says expert - TechRepublic
Researchers flag 7-years-old privilege escalation flaw in Linux kernel (CVE-2021-33909) - Help Net Security
Rising Threats Target Cloud Providers, Virtual Infrastructure - Security Boulevard
Saudi Aramco Loses 1TB of Data Following Data Breach - Softpedia News
Spanish Users Targeted by Novel Campaign Using an Old Malware Strain - TechNadu
The Android apps on your phone each have 39 security vulnerabilities on average - ZDNet
The growing threat of ransomware attacks on hospitals - AAMC
This New Malware Hides Itself Among Windows Defender Exclusions to Evade Detection - The Hacker News
Transgender charity Mermaids fined £25k for data protection breach - Digital Health
US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach - The Register
What is phishing? - Tech Central
Your iPhone and the Pegasus spyware hack: What you need to know - TechRepublic
Zero-Trust is an Adjective Without a Noun - Security Boulevard
19/07
Application security tools ineffective against new and growing threats - Help Net Security
CTIR Gov coordenará Rede Federal de Gestão de Incidentes - CISO Advisor
Ericsson takes a thumping in Mainland China for second quarter - ZDNet
Experts disclose critical flaws in Advantech router monitoring tool - Security Affairs
Experts show how to bypass Windows Hello feature to login on Windows 10 PCs - Security Affairs
Five Critical Password Security Rules Your Employees Are Ignoring - The Hacker News
Half of organizations are ineffective at countering phishing and ransomware threats - Help Net Security
How to balance employee IT security policies - Help Net Security
iPhones running latest iOS hacked to deploy NSO Group spyware - Bleeping Computer
iPhone WiFi bug morphs into zero-click hacking, but there's a fix - Bleeping Computer
Kaseya Breach: Key Takeaways for Managed Service Providers - Security Boulevard
New Leak Reveals Abuse of Pegasus Spyware to Target Journalists Globally - The Hacker News
NSO Group's Pegasus spyware used against journalists, political activists worldwide: report - ZDNet
Pegasus Project – how governments use Pegasus spyware against journalists - Security Affairs
Protect your smartphone from radio-based attacks - Help Net Security
Protecting Phones From Pegasus-Like Spyware Attacks - Threatpost
Researcher Uncovers Yet Another Unpatched Windows Printer Spooler Vulnerability - The Hacker News
Researchers Warn of Linux Cryptojacking Attackers Operating from Romania - The Hacker News
Security for Startups in a DevOps World: Infrastructure, IAM, and Remote Environments - Security Boulevard
Schneider Electric Patches 13 Vulnerabilities Affecting its EVlink Charging Stations - CISO Mag
Swedish man sentenced for gold-backed cryptocurrency scam - ZDNet
The Second Wave of a Ransomware Pandemic - Security Boulevard
There are new unpatched bugs in Windows Print Spooler - Help Net Security
Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco - Security Affairs
Top 5 NCSC Cloud Security Principles for Compliance - Security Boulevard
Turns Out That Low-Risk iOS Wi-Fi Naming Bug Can Hack iPhones Remotely - The Hacker News
US and Global Allies Accuse China of Massive Microsoft Exchange Attack - The Hacker News
Vaccinate your data: Addressing and adapting to new data risks - Help Net Security
WiFiDemon – Recently discovered iPhone Wi-Fi bug could also allow RCE - Security Affairs
Windows 10 security: Here's how researchers managed to fool Windows Hello - ZDNet
White House Accuses China of Microsoft Exchange Attack - Security Boulevard
18/07
94% of organizations suffer insider data breaches - The Manila Times
Chinese government issues new vulnerability disclosure regulations - Security Affairs
Comparis customers targeted by scammers after ransomware attack - Bleeping Computer
HelloKitty ransomware gang targets vulnerable SonicWall devices - Security Affairs
Instagram implements ‘Security Checkup’ to help users recover compromised accounts - Security Affairs
New Windows print spooler zero day exploitable via remote print servers - Bleeping Computer
Ransomware hits law firm counseling Fortune 500, Global 500 companies - Bleeping Computer
Staff, patients concerned about data breach at university hospital - Jamaica Gleaner
Windows 11 features, expected release date, and latest news - Bleeping Computer