NEWS: Junho (05/06 - 11/06) - 23 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

11/06

5 Tips for Organisations to Stay Protected From Ransomware

2022 Cyber Attacks: What You Need To Know

A Chinese-linked APT called Aoqin Dragon operate in Southeast Asia, since 2013

Authorities Warn Of Cyber Attack On Ukrainian Media

Bluetooth Signals Can Be Abused To Detect and Track Smartphones

CERT-In flags vulnerabilities in Google Chrome, Mozilla Firefox browsers

Confluence servers hacked to deploy AvosLocker, Cerber2021 ransomware

Data Breaches In Healthcare Can Put Lives At Risk

FBI, DOJ say less than 25% of NetWalker ransomware victims reported incidents

Hacker Tricked: World of Solana Community Reclaims Stolen NFTs

How New Zealand businesses can safeguard against cyber threats

MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched

Rising zero-click risks and how to defend your business

Shoprite warns customers of suspected data compromise

South African Revenue Services (SARS) warns taxpayers that there has been a sharp increase in scams

South Korea: Man arrested on charges of exploiting data leak to steal digital assets

Think twice before scanning any random QR code

Urgent warning issued to BT customers to watch out for new email scam that could drain bank account in seconds

WiFi probing exposes smartphone users to tracking, info leaks

10/06

Be Cautious Before Clicking On Random Links: Cyber-Forensics Explains About Phishing Scams

CyberRes Reveals Digital Value Chain Attacks on a Rapid Rise with Ransomware Victims Nearly Doubled Year over Year

Data Breach at Health Care Organization May Affect 2 Million

Digital resilience big concern for 95% of APAC businesses

Emotet malware gang re-emerges with Chrome-based credit card heistware

Employees ‘lose’ around two business days per year on spam

Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques

Hackers exploit recently patched Confluence bug for cryptomining

Iranian hackers target energy sector with new DNS backdoor

June 2022 Patch Tuesday forecast: Internet Explorer fades into the sunset

Newspaper Twitter account hacked to promote Goblintown phishing scam

Only 9% of Australian orgs prepared for breach

Only 43% of security pros can respond to critical alerts in less than an hour

Phishing, fake landing pages and emails from your boss: How crooks are targeting your crypto

Phishing Hits All-Time High in Q1 2022

Photos: RSA Conference 2022, part 3

Radware Finds New Era of DDoS Attacks Dawning

Researchers Block Two Million Extortion Emails Daily

Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users

Researchers Disclose Critical Flaws in Industrial Access Control System from Carrier

Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones

Researchers unearth highly evasive “parasitic” Linux malware

RSAC: The Privacy and Blockchain Paradox

RSAC: "Users Are Not Stupid, So Don't Treat Them Like They Are"

Russia: Cyber-Attacks Could Escalate Military Conflict

Scoring Email Security Services

Southeast Asia and Australia Orgs Targeted by Aoqin Dragon Hackers for Ten Years

Tesla Fails Yet Again: Hackers can Steal Cars via NFC

This hacking group quietly spied on their targets for 10 years

United Arab Emirates (UAE) well prepared to thwart ransomware attacks, report finds

Using the random motion of electrons to improve cybersecurity

Vice Society ransomware gang adds the Italian City of Palermo to its data leak site

Vulnerabilities Targeting InfiRay Thermal Cameras May Result in Industrial Process Hacking

What cybersecurity investors should be aware of in 2022

09/06

A cybercriminal stole 1 million Facebook account credentials over 4 months

A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia

Automox Allies With Rapid7 to Automate Patch Management

Bizarre ransomware sells decryptor on Roblox Game Pass store

Checkmarx Adds Vulnerability Correlation Engine to AppSec Portfolio

Chinese hacking group Aoqin Dragon quietly spied orgs for a decade

CISA warning: Hackers are exploiting these 36 "significant" cybersecurity vulnerabilities - so patch now

Cloud computing: Here's the security threat you should be most worried about

Colorado has had a shortage of cybersecurity professionals for years. Here’s how that’s going

Dark web sites selling alleged Western weapons sent to Ukraine

District 207 Approves Cybersecurity Contract In Wake Of Attempted Breach

DoJ, FBI, IRS Make Empty Boast: SSNDOB ‘Seized’

EUA: hackers chineses invadiram ‘grandes’ empresas de telecomunicações

Even the Most Advanced Threats Rely on Unpatched Systems

Feds Forced Travel Firms to Share Surveillance Data on Hacker

Getting to grips with SaaS security

Goodman Campbell Brain and Spine alerts patients to ransomware attack while continuing to provide care

Hacker de Optimism envia 1 milhão de tokens OP para carteira de fundador da Ethereum

Healthcare is most likely to pay the ransom

How to build security for the metaverse

Man Arrested for Sharing Info on 3D-Printed Weapons

Microsoft Defender now isolates hacked, unmanaged Windows devices

MyEasyDocs Exposed 30GB of Israeli and Indian Students PII Data

New Emotet variant uses a module to steal data from Google Chrome

New Linux Malware Symbiote is "Nearly Impossible to Detect"

New MSDT 0-day Flaw ‘DogWalk’ Receives Free Unofficial Patches

New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing

New Symbiote malware infects all running processes on Linux systems

Only 13.5% of IT pros have mastered security in the cloud native space

Over Half of CISOs Struggling for Board Investment

Photos: RSA Conference 2022 Early Stage Expo

Photos: RSA Conference 2022, part 2

Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia

Ransomware Actors, Access Brokers Form Lucrative Relationships

RSAC: Current Nation-State and Ransomware Gang Threat Trends

RSAC: Funding Cyber Civil Defense to Help Improve the State of Security

RSAC: How to Fix IoT Security with Digital Twins

Software pirata atrai vítimas para furto de criptomoedas

SSNDOB Cybercrime Marketplace Seized in Intl. Coordinated Operation

Summer holiday season fuels upswing of travel-themed spam

Symbiote, a nearly-impossible-to-detect Linux malware

Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector

Tainted CCleaner Pro Cracker spreads via Black Seo campaign

The most common exploit paths enterprises leave open for attackers

This Data and IT Security Training can make you a cybersecurity guru

This new Linux malware is 'almost impossible' to detect

Top three most critical areas of web security

Twitter Set to Agree to Elon Musk Request For Data on Fake Accounts

UK Joins Quantum Arms Race with First Computer

Understanding and Preventing Layer 7 Attacks

Understanding the Meaning and Purpose of IoT Forensics

Vice Society ransomware claims attack on Italian city of Palermo

What is AI-powered cyber security?

What Is Threat Modeling?

08/06

0Patch released unofficial security patch for new DogWalk Windows zero-day

Android security: Google updates fix these five critical vulnerabilities

As Conti attacks firmware, a flurry of new tools also pushes firmware security up the agenda

ATM/Kiosk Hacking (Reloaded)

Attacker Dwell Time Surges 36% in 2021

Barely one-third of IT pros can vet code for tampering

Black Basta Ransomware Targets ESXi Servers in Active Campaign

Bradford-based windows and doors firm Safestyle provides update following cyber attack in January

CISA exec: Lack of ransomware incident reporting is crippling defense efforts

CISA Reveal Chinese Hackers Tactics Targeting US Telecoms and Network Service Providers

CSA Survey Sees Shift Toward Zero-Trust IT Frameworks

Conselho da Justiça Federal é alvo de ataque hacker

Cuba ransomware returns to extorting victims with updated encryptor

Cybersecurity threats in aviation

Data breach at health care organization may affect 2 million

Emotet malware now steals credit cards from Google Chrome users

Ex-hacker que invadiu Nasa cria plataforma de games com criptomoedas

Fake Windows Updates Trick Users Into Installing Ransomware

Final exams canceled in N.J. school district after ransomware attack cripples computers

Healthcare has 650% increase in ransomware attacks - report

How to protect your business from a supply chain cyber-attack

Intruder dwell time jumps 36%

Kaspersky blocks 11 million phishing attempts via emails in SEA

Kmart issues urgent warning to shoppers over Nintendo Facebook scam

Linux botnets now exploit critical Atlassian Confluence bug

Massive Facebook Messenger phishing operation generates millions

Nigeria: Federal Government investigates bank, BetNaija over alleged data breach

Novartis latest pharma to be targeted in cyberattack

NSA, FBI warning: Hackers are using these flaws to target VPNs and network devices

OnDeck Announces Data Breach Impacting Social Security Numbers and Financial Account Information

Palo Alto Networks Sees Rise in Ransomware Payments

Pandemic-related identity fraud: How serious is it?

Phishing: use of reverse tunnel services to avoid detection and shutdown increases

Poisoned CCleaner search results spread information-stealing malware

Q1 2022 DDoS and Application Attack Activity: An Overview

Qbot – known channel for ransomware – delivered via phishing and Follina exploit

Ransomware attacks keeping the educational sector on its toes

Ransomware Greatest Risk to Supply Chain in Minds of IT Pros

Ransomware Pressure Forces UK CISOs to Consider Quitting

Recovery and resilience: CISO insights into the 2022 cybersecurity landscape

Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability

RSAC: Collective Effort Required to Strengthen National Cybersecurity

RSAC: Schneier Declares AI Hacking Will Favor Defense

Smishing attacks surged exponentially in 2021 - Report

Switching Malware Helps Evil Corp Evade Ransomware Sanctions

Telegram Shared Personal User Data With German Authorities

The real-world repercussions of cyberattacks will usher in a security renaissance

U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers

US and Euro Police Smash Cybercrime Marketplace

Zero trust segmentation eliminates 5 cyber disasters per year and saves $20+ million annually

Warning over scam emails purporting to be from HMRC

Weak collaboration between IT and security teams opens doors to cyber-attacks

Why CIOs must lead on cybersecurity and become champions for zero-trust

07/06

Akamai Reports Massive Increase in Web Apps, API Attacks

Android June 2022 updates bring fix for critical RCE vulnerability

Attackers aren’t slowing down, here’s what researchers are seeing

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

Beginner’s guide to DMARC | Everything you need to know

Boards, CEOs demand software supply chain security improvements

Class action looms over NDIS third party data breach

Cyber-Attack Surface "Spiralling Out of Control"

Cybereason Ransomware True Cost To Business Study Reveals Organisations Pay Multiple Ransom Demands

CyberRes Reveals Digital Value Chain Attacks on a Rapid Rise with Ransomware Victims Nearly Doubled Year over Year

Emotet Reemerges as Prominent Cyber Threat to Healthcare

Evil Corp Cybercrime Group Shifts to LockBit Ransomware to Evade Sanctions

Follina Exploited by State-Sponsored Hackers

Globe warns customers against new phishing threats, blocks 203 sites in Q1 2022

Google Publishes Monthly Android Security Bulletin, Patches Critical Vulnerabilities

Hackers are now hiding inside networks for longer. That's not a good sign

Hacking Scenarios: How Hackers Choose Their Victims

Humans and identity are constants in the ever-changing world of cybersecurity

Humans still weakest link in cybersecurity

Linux version of Black Basta ransomware targets VMware ESXi servers

Microsoft seizes 41 domains tied to 'Iranian phishing ring'

Multi-factor Authentication: The Best Way to Verify User Identity

New ‘DogWalk’ Windows zero-day bug gets free unofficial patches

Nigeria: Federal Government investigates Wema Bank, Bet Naija over alleged data breach

Online gun shops in the US hacked to steal credit cards

Online Perpetrators Steal Ethereum And NFTs From Yuga Labs Through Server Hack

Ransomware Attacks Are Completed 94% More Quickly Now, Suggesting Dangerous Trend

Ransomware Attacks Force Costa Rica To Shut Downs Its Computers: What Went Wrong?

Researchers Warn of Spam Campaign Targeting Victims with SVCReady Malware

Russian Ministry Website Hacked to Display “Glory To Ukraine” Message

Shields Health Care Group data breach affects 2 million patients

Smishing and Vishing Attempts Surged in 2021

Spotlight on MITRE ATT&CK: Understanding the DNS Attack Surface

The Chief Data Officer's Key Role in Fighting Ransomware

The necessity of provacy and security laws in Africa

US Lawmakers Take on Crypto Ransom Payments

Why paying a ransomware ransom is a bad idea

Why you should worry about medical ID theft

06/06

10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users

Apple protected App Store users from $1.5 billion fraud last year

Apple: These are the sorts of apps we blocked from our App Store last year

Are Vendors Failing in the Face of Open Source Cyberthreats?

Attackers Use Clipminer Cryptominer to Rake in $1.7M

Authy vs Google Authenticator: Two-factor authenticator comparison

Banking-related phishing scams on rise in Singapore

Be Proactive! Shift Security Validation Left

Being asleep at the wheel can prove costly

Broken Windows: ‘Follina’ Flaw not Fixed — For 22 MONTHS

CISA Warned About Critical Vulnerabilities in Illumina's DNA Sequencing Devices

CL0P Ransomware Activity Heats Up

Costa Rican government held up by ransomware … again

Critical Vulnerability Found in Motorola's Unisoc Chips

Crypto Scammers Are Running Riot In Australia

Cyber-Attacks on Industrial Assets Cost Firms Millions

Cybersecurity should be more complex than 123456

Demand for cyber risk insurance soars in Brazil

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

FBI warning: This gang steals data for ransom, then makes harassing phone calls to pile on the pressure

Five Questions To Ask Your CISO About Training

Four steps to successful empathetic investigations

Gloucester Council IT Systems Still Not Fully Operational Six Months After Cyber-Attack

Hackers Claim Drug Data Theft as Reports Warn Health Sector

Healthcare Is Vulnerable To Cybercrime — Consider This Data Protection Solution For Your Clients

Healthcare-specific cybersecurity problems and how to address them

How FBI Helped Thwart ‘Despicable’ Cyberattack on Boston Children’s Hospital

How the Russia-Ukraine war makes ransomware payments harder

How to always access your locked iOS device

How to defend your school from cyber-attacks

IBM anuncia aquisição da Randori para reforçar XDR

Intelligence must drive strategic decisions

Italian city of Palermo shuts down all systems to fend off cyberattack

Kaspersky blocks 11M malicious mails in SEA in ’21

KELA’s Ransomware Victims and Network Access Sales Report Finds 227 Ransomware Attacks Every Month in Q1 2022

LockBit 2.0 gang claims Mandiant as latest victim; Mandiant sees no evidence of it

Managed Identity Attack Paths, Part 1: Automation Accounts

Mandiant: “No evidence” we were hacked by LockBit ransomware

Microsoft bug banned Rewards accounts when redeeming points

Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers

Microsoft's new 'autopatch' service for Windows PC just took another step forwards

Qualys VMDR 2.0 with TruRisk: Taking vulnerability management to the next level

Ransomware attacks have dropped. And gangs are attacking each other's victims

Ransomware attacks on health organizations up by 94% in 2021 globally – Sophos

Ransomware gangs now give victims time to save their reputation

Red TIM Research discovers a Command Injection with a 9,8 score on Resi

Russian Ministry of Construction Website Hacked

Russian Ministry Website Reportedly Hacked

Schools and Underwriters Do Their Cyber Security Homework; Since Remote Classes, $1 Million Ransomware Claims Have Become the Norm

'Shields Up': the new normal in cyberspace

Singapore: More scammers impersonating bank staff over the phone and via SMS to dupe victims

Small business cybersecurity: Avoid these 8 basic mistakes that could let hackers in

State-Backed Hacker Believed to Be Behind Follina Attacks on EU and US

The costs and damages of DNS attacks

The Intigriti Ethical Hacker Survey 2022

Thousands of unprotected Elasticsearch databases are being ransomed

Traps for rogue ransomware attacks

Trojan Horse Malware Has Been On The Rise As New Report Issues Alarm For Mobile Banking Apps

UnionBank warns against phishing scheme through text messages

Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices

Vietnam arrests Taiwanese national amid banking security breach

What Is Typosquatting? Spotting a Sting Site in 2022

What’s next for GDPR?

Why your business needs data resilience in an unsafe world

Windows zero-day exploited in US local govt phishing attacks

Yuga Labs confirma ataque hacker que roubou US$ 360 mil em NFTs

05/06

As national cybersecurity threats grow, why Texas could be a target

Ask an Expert: Social media cyber security

Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

Cybersecurity insurance costs escalate for municipalities as cases of ransomware attacks climb

Evasive phishing mixes reverse tunnels and URL shortening services

Exploit released for Atlassian Confluence RCE bug, patch now

FBI Chief: Iranian hackers targeted Boston Children's Hospital in 2021

Firm Pledges To Improve Cyber Security, Infrastructure

FluBot: Strike against SMS-based Android malware

Get a light, powerful cybersecurity device for under $300

Gmail and Outlook warning: Don't ignore urgent Government advice, dangerous new scam email

Hackers obtêm US$ 1,7 milhão em golpe de criptomoeda com botnet

Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club

How companies can fight the menace of phishing

Online scams lead most cybercrimes

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

Ransomware malware grows 7.6 per cent: Report

Site jornalístico relata ataque hacker após reportagem sobre fórum propagador de fake news

Spam text messages from Scammers can Cost You a Big Deal

State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S

The Hacker Gold Rush That’s Poised to Eclipse Ransomware

What is an Open Redirect vulnerability, why is it dangerous and how can you stay safe?

NEWS: Maio/Junho (29/05 - 04/06) - 22 Semana de 2022