NEWS: Junho (05/06 - 11/06) - 23 Semana de 2022
Cyber Security and Information Security News - Daily Updates !!

11/06
5 Tips for Organisations to Stay Protected From Ransomware
2022 Cyber Attacks: What You Need To Know
A Chinese-linked APT called Aoqin Dragon operate in Southeast Asia, since 2013
Authorities Warn Of Cyber Attack On Ukrainian Media
Bluetooth Signals Can Be Abused To Detect and Track Smartphones
CERT-In flags vulnerabilities in Google Chrome, Mozilla Firefox browsers
Confluence servers hacked to deploy AvosLocker, Cerber2021 ransomware
Data Breaches In Healthcare Can Put Lives At Risk
FBI, DOJ say less than 25% of NetWalker ransomware victims reported incidents
Hacker Tricked: World of Solana Community Reclaims Stolen NFTs
How New Zealand businesses can safeguard against cyber threats
MIT Researchers Discover New Flaw in Apple M1 CPUs That Can't Be Patched
Rising zero-click risks and how to defend your business
Shoprite warns customers of suspected data compromise
South African Revenue Services (SARS) warns taxpayers that there has been a sharp increase in scams
South Korea: Man arrested on charges of exploiting data leak to steal digital assets
Think twice before scanning any random QR code
WiFi probing exposes smartphone users to tracking, info leaks
10/06
Be Cautious Before Clicking On Random Links: Cyber-Forensics Explains About Phishing Scams
Data Breach at Health Care Organization May Affect 2 Million
Digital resilience big concern for 95% of APAC businesses
Emotet malware gang re-emerges with Chrome-based credit card heistware
Employees ‘lose’ around two business days per year on spam
Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques
Hackers exploit recently patched Confluence bug for cryptomining
Iranian hackers target energy sector with new DNS backdoor
June 2022 Patch Tuesday forecast: Internet Explorer fades into the sunset
Newspaper Twitter account hacked to promote Goblintown phishing scam
Only 9% of Australian orgs prepared for breach
Only 43% of security pros can respond to critical alerts in less than an hour
Phishing, fake landing pages and emails from your boss: How crooks are targeting your crypto
Phishing Hits All-Time High in Q1 2022
Photos: RSA Conference 2022, part 3
Radware Finds New Era of DDoS Attacks Dawning
Researchers Block Two Million Extortion Emails Daily
Researchers Detail How Cyber Criminals Targeting Cryptocurrency Users
Researchers Disclose Critical Flaws in Industrial Access Control System from Carrier
Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones
Researchers unearth highly evasive “parasitic” Linux malware
RSAC: The Privacy and Blockchain Paradox
RSAC: "Users Are Not Stupid, So Don't Treat Them Like They Are"
Russia: Cyber-Attacks Could Escalate Military Conflict
Scoring Email Security Services
Southeast Asia and Australia Orgs Targeted by Aoqin Dragon Hackers for Ten Years
Tesla Fails Yet Again: Hackers can Steal Cars via NFC
This hacking group quietly spied on their targets for 10 years
United Arab Emirates (UAE) well prepared to thwart ransomware attacks, report finds
Using the random motion of electrons to improve cybersecurity
Vice Society ransomware gang adds the Italian City of Palermo to its data leak site
Vulnerabilities Targeting InfiRay Thermal Cameras May Result in Industrial Process Hacking
What cybersecurity investors should be aware of in 2022
09/06
A cybercriminal stole 1 million Facebook account credentials over 4 months
A Decade-Long Chinese Espionage Campaign Targets Southeast Asia and Australia
Automox Allies With Rapid7 to Automate Patch Management
Bizarre ransomware sells decryptor on Roblox Game Pass store
Checkmarx Adds Vulnerability Correlation Engine to AppSec Portfolio
Chinese hacking group Aoqin Dragon quietly spied orgs for a decade
Cloud computing: Here's the security threat you should be most worried about
Colorado has had a shortage of cybersecurity professionals for years. Here’s how that’s going
Dark web sites selling alleged Western weapons sent to Ukraine
District 207 Approves Cybersecurity Contract In Wake Of Attempted Breach
DoJ, FBI, IRS Make Empty Boast: SSNDOB ‘Seized’
EUA: hackers chineses invadiram ‘grandes’ empresas de telecomunicações
Even the Most Advanced Threats Rely on Unpatched Systems
Feds Forced Travel Firms to Share Surveillance Data on Hacker
Getting to grips with SaaS security
Hacker de Optimism envia 1 milhão de tokens OP para carteira de fundador da Ethereum
Healthcare is most likely to pay the ransom
How to build security for the metaverse
Man Arrested for Sharing Info on 3D-Printed Weapons
Microsoft Defender now isolates hacked, unmanaged Windows devices
MyEasyDocs Exposed 30GB of Israeli and Indian Students PII Data
New Emotet variant uses a module to steal data from Google Chrome
New Linux Malware Symbiote is "Nearly Impossible to Detect"
New MSDT 0-day Flaw ‘DogWalk’ Receives Free Unofficial Patches
New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing
New Symbiote malware infects all running processes on Linux systems
Only 13.5% of IT pros have mastered security in the cloud native space
Over Half of CISOs Struggling for Board Investment
Photos: RSA Conference 2022 Early Stage Expo
Photos: RSA Conference 2022, part 2
Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia
Ransomware Actors, Access Brokers Form Lucrative Relationships
RSAC: Current Nation-State and Ransomware Gang Threat Trends
RSAC: Funding Cyber Civil Defense to Help Improve the State of Security
RSAC: How to Fix IoT Security with Digital Twins
Software pirata atrai vítimas para furto de criptomoedas
SSNDOB Cybercrime Marketplace Seized in Intl. Coordinated Operation
Summer holiday season fuels upswing of travel-themed spam
Symbiote, a nearly-impossible-to-detect Linux malware
Symbiote: A Stealthy Linux Malware Targeting Latin American Financial Sector
Tainted CCleaner Pro Cracker spreads via Black Seo campaign
The most common exploit paths enterprises leave open for attackers
This Data and IT Security Training can make you a cybersecurity guru
This new Linux malware is 'almost impossible' to detect
Top three most critical areas of web security
Twitter Set to Agree to Elon Musk Request For Data on Fake Accounts
UK Joins Quantum Arms Race with First Computer
Understanding and Preventing Layer 7 Attacks
Understanding the Meaning and Purpose of IoT Forensics
Vice Society ransomware claims attack on Italian city of Palermo
What is AI-powered cyber security?
08/06
0Patch released unofficial security patch for new DogWalk Windows zero-day
Android security: Google updates fix these five critical vulnerabilities
As Conti attacks firmware, a flurry of new tools also pushes firmware security up the agenda
Attacker Dwell Time Surges 36% in 2021
Barely one-third of IT pros can vet code for tampering
Black Basta Ransomware Targets ESXi Servers in Active Campaign
Bradford-based windows and doors firm Safestyle provides update following cyber attack in January
CISA exec: Lack of ransomware incident reporting is crippling defense efforts
CISA Reveal Chinese Hackers Tactics Targeting US Telecoms and Network Service Providers
CSA Survey Sees Shift Toward Zero-Trust IT Frameworks
Conselho da Justiça Federal é alvo de ataque hacker
Cuba ransomware returns to extorting victims with updated encryptor
Cybersecurity threats in aviation
Data breach at health care organization may affect 2 million
Emotet malware now steals credit cards from Google Chrome users
Ex-hacker que invadiu Nasa cria plataforma de games com criptomoedas
Fake Windows Updates Trick Users Into Installing Ransomware
Final exams canceled in N.J. school district after ransomware attack cripples computers
Healthcare has 650% increase in ransomware attacks - report
How to protect your business from a supply chain cyber-attack
Kaspersky blocks 11 million phishing attempts via emails in SEA
Kmart issues urgent warning to shoppers over Nintendo Facebook scam
Linux botnets now exploit critical Atlassian Confluence bug
Massive Facebook Messenger phishing operation generates millions
Nigeria: Federal Government investigates bank, BetNaija over alleged data breach
Novartis latest pharma to be targeted in cyberattack
NSA, FBI warning: Hackers are using these flaws to target VPNs and network devices
OnDeck Announces Data Breach Impacting Social Security Numbers and Financial Account Information
Palo Alto Networks Sees Rise in Ransomware Payments
Pandemic-related identity fraud: How serious is it?
Phishing: use of reverse tunnel services to avoid detection and shutdown increases
Poisoned CCleaner search results spread information-stealing malware
Q1 2022 DDoS and Application Attack Activity: An Overview
Qbot – known channel for ransomware – delivered via phishing and Follina exploit
Ransomware attacks keeping the educational sector on its toes
Ransomware Greatest Risk to Supply Chain in Minds of IT Pros
Ransomware Pressure Forces UK CISOs to Consider Quitting
Recovery and resilience: CISO insights into the 2022 cybersecurity landscape
Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability
RSAC: Collective Effort Required to Strengthen National Cybersecurity
RSAC: Schneier Declares AI Hacking Will Favor Defense
Smishing attacks surged exponentially in 2021 - Report
Switching Malware Helps Evil Corp Evade Ransomware Sanctions
Telegram Shared Personal User Data With German Authorities
The real-world repercussions of cyberattacks will usher in a security renaissance
U.S. Agencies Warn About Chinese Hackers Targeting Telecoms and Network Service Providers
US and Euro Police Smash Cybercrime Marketplace
Zero trust segmentation eliminates 5 cyber disasters per year and saves $20+ million annually
Warning over scam emails purporting to be from HMRC
Weak collaboration between IT and security teams opens doors to cyber-attacks
Why CIOs must lead on cybersecurity and become champions for zero-trust
07/06
Akamai Reports Massive Increase in Web Apps, API Attacks
Android June 2022 updates bring fix for critical RCE vulnerability
Attackers aren’t slowing down, here’s what researchers are seeing
Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw
Beginner’s guide to DMARC | Everything you need to know
Boards, CEOs demand software supply chain security improvements
Class action looms over NDIS third party data breach
Cyber-Attack Surface "Spiralling Out of Control"
Cybereason Ransomware True Cost To Business Study Reveals Organisations Pay Multiple Ransom Demands
Emotet Reemerges as Prominent Cyber Threat to Healthcare
Evil Corp Cybercrime Group Shifts to LockBit Ransomware to Evade Sanctions
Follina Exploited by State-Sponsored Hackers
Globe warns customers against new phishing threats, blocks 203 sites in Q1 2022
Google Publishes Monthly Android Security Bulletin, Patches Critical Vulnerabilities
Hackers are now hiding inside networks for longer. That's not a good sign
Hacking Scenarios: How Hackers Choose Their Victims
Humans and identity are constants in the ever-changing world of cybersecurity
Humans still weakest link in cybersecurity
Linux version of Black Basta ransomware targets VMware ESXi servers
Microsoft seizes 41 domains tied to 'Iranian phishing ring'
Multi-factor Authentication: The Best Way to Verify User Identity
New ‘DogWalk’ Windows zero-day bug gets free unofficial patches
Nigeria: Federal Government investigates Wema Bank, Bet Naija over alleged data breach
Online gun shops in the US hacked to steal credit cards
Online Perpetrators Steal Ethereum And NFTs From Yuga Labs Through Server Hack
Ransomware Attacks Are Completed 94% More Quickly Now, Suggesting Dangerous Trend
Ransomware Attacks Force Costa Rica To Shut Downs Its Computers: What Went Wrong?
Researchers Warn of Spam Campaign Targeting Victims with SVCReady Malware
Russian Ministry Website Hacked to Display “Glory To Ukraine” Message
Shields Health Care Group data breach affects 2 million patients
Smishing and Vishing Attempts Surged in 2021
Spotlight on MITRE ATT&CK: Understanding the DNS Attack Surface
The Chief Data Officer's Key Role in Fighting Ransomware
The necessity of provacy and security laws in Africa
US Lawmakers Take on Crypto Ransom Payments
Why paying a ransomware ransom is a bad idea
Why you should worry about medical ID theft
06/06
10 Most Prolific Banking Trojans Targeting Hundreds of Financial Apps with Over a Billion Users
Apple protected App Store users from $1.5 billion fraud last year
Apple: These are the sorts of apps we blocked from our App Store last year
Are Vendors Failing in the Face of Open Source Cyberthreats?
Attackers Use Clipminer Cryptominer to Rake in $1.7M
Authy vs Google Authenticator: Two-factor authenticator comparison
Banking-related phishing scams on rise in Singapore
Be Proactive! Shift Security Validation Left
Being asleep at the wheel can prove costly
Broken Windows: ‘Follina’ Flaw not Fixed — For 22 MONTHS
CISA Warned About Critical Vulnerabilities in Illumina's DNA Sequencing Devices
CL0P Ransomware Activity Heats Up
Costa Rican government held up by ransomware … again
Critical Vulnerability Found in Motorola's Unisoc Chips
Crypto Scammers Are Running Riot In Australia
Cyber-Attacks on Industrial Assets Cost Firms Millions
Cybersecurity should be more complex than 123456
Demand for cyber risk insurance soars in Brazil
Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies
Five Questions To Ask Your CISO About Training
Four steps to successful empathetic investigations
Gloucester Council IT Systems Still Not Fully Operational Six Months After Cyber-Attack
Hackers Claim Drug Data Theft as Reports Warn Health Sector
Healthcare Is Vulnerable To Cybercrime — Consider This Data Protection Solution For Your Clients
Healthcare-specific cybersecurity problems and how to address them
How FBI Helped Thwart ‘Despicable’ Cyberattack on Boston Children’s Hospital
How the Russia-Ukraine war makes ransomware payments harder
How to always access your locked iOS device
How to defend your school from cyber-attacks
IBM anuncia aquisição da Randori para reforçar XDR
Intelligence must drive strategic decisions
Italian city of Palermo shuts down all systems to fend off cyberattack
Kaspersky blocks 11M malicious mails in SEA in ’21
LockBit 2.0 gang claims Mandiant as latest victim; Mandiant sees no evidence of it
Managed Identity Attack Paths, Part 1: Automation Accounts
Mandiant: “No evidence” we were hacked by LockBit ransomware
Microsoft bug banned Rewards accounts when redeeming points
Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers
Microsoft's new 'autopatch' service for Windows PC just took another step forwards
Qualys VMDR 2.0 with TruRisk: Taking vulnerability management to the next level
Ransomware attacks have dropped. And gangs are attacking each other's victims
Ransomware attacks on health organizations up by 94% in 2021 globally – Sophos
Ransomware gangs now give victims time to save their reputation
Red TIM Research discovers a Command Injection with a 9,8 score on Resi
Russian Ministry of Construction Website Hacked
Russian Ministry Website Reportedly Hacked
'Shields Up': the new normal in cyberspace
Singapore: More scammers impersonating bank staff over the phone and via SMS to dupe victims
Small business cybersecurity: Avoid these 8 basic mistakes that could let hackers in
State-Backed Hacker Believed to Be Behind Follina Attacks on EU and US
The costs and damages of DNS attacks
The Intigriti Ethical Hacker Survey 2022
Thousands of unprotected Elasticsearch databases are being ransomed
Traps for rogue ransomware attacks
Trojan Horse Malware Has Been On The Rise As New Report Issues Alarm For Mobile Banking Apps
UnionBank warns against phishing scheme through text messages
Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices
Vietnam arrests Taiwanese national amid banking security breach
What Is Typosquatting? Spotting a Sting Site in 2022
Why your business needs data resilience in an unsafe world
Windows zero-day exploited in US local govt phishing attacks
Yuga Labs confirma ataque hacker que roubou US$ 360 mil em NFTs
05/06
As national cybersecurity threats grow, why Texas could be a target