NEWS: Maio (09/05 - 15/05) - 19 Semana de 2021

15/05

Apple rejected over 215,000 apps in 2020 for privacy violations - Bleeping Computer

Best Windows 10 commands to diagnose your Internet connection - Bleeping Computer

Doctors locked out of x-rays, test results and medical records - Independent IE

European police dismantle major online investment fraud ring that causes €30 Million in losses - Security Affairs

Hacked US energy pipeline on track to restore full service but shortages persist - The Guardian

HSE issues statement on the impact of ransomware attack for patients of Portlaoise, Naas and Tullamore hospitals - Leinster Express

Ireland’s Health Services hit with $20 million ransomware demand - Bleeping Computer

Major hacking forums XSS and Exploit ban ads from ransomware gangs - Security Affairs

NSW Labor warns members their data could end up online after hacker’s deadline passes - The Guardian

QNAP warns of eCh0raix ransomware and Roon Server zero-day attacks - Security Affairs

Ransomware Actor Hit Insurance Giant AXA Following Decision to Stop Ransomware Reimbursements - TechNadu

South Korea clamps down on digital currency phishing activities - CoinGeek

Telephone System At University Hospital Limerick Affected By HSE Ransomware Attack - Clare FM

There’s a Simple Way Websites Can Identify Anonymous Users Across Different Browsers - TechNadu

Windows 10 is gaining these nifty enhancements in the next update - Bleeping Computer

14/05

Big Cybersecurity Tips For Remote Workers Who Use Their Own Tech - The Hacker News

Cloudflare wants to kill the CAPTCHA - ZDNet

Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals - The Hacker News

Cross-browser tracking vulnerability tracks you via installed apps - Bleeping Computer

Darkside gang lost control of their servers and funds - Security Affairs

DarkSide ransomware servers reportedly seized, operation shuts down - Bleeping Computer

Data growth as the number one storage management challenge - Help Net Security

Hackers Using Microsoft Build Engine to Deliver Malware Filelessly - The Hacker News

Irish healthcare shuts down IT systems after Conti ransomware attack - Bleeping Computer

Magecart Hackers Now hide PHP-Based Backdoor In Website Favicons - The Hacker News

Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal - The Hacker News

QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day - Bleeping Computer

Rapid7 source code, alert data accessed in Codecov supply chain attack - ZDNet

Ransomware ads now also banned on Exploit cybercrime forum - Bleeping Computer

Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template - The Hacker News

Researchers design a way to make encrypted keys harder to crack - Help Net Security

Russian-language cybercriminal forum ‘XSS’ bans DarkSide and other ransomware groups - ZDNet

Scheme flooding fingerprint technique may deanonymize Tor users - Security Affairs

'Significant' ransomware attack forces Ireland's health service to shut down IT systems - ZDNet

The winged ninja cyber monkeys narrative is absolutely wrong: Former NCSC chief - ZDNet

When exploit code precedes a patch, attackers gain a massive head start - Help Net Security

13/05

Chemical distributor pays $4.4 million to DarkSide ransomware - Bleeping Computer

Cloud compromise now the biggest cybersecurity issue for financial institutions - Help Net Security

Colonial Pipeline attack: Everything you need to know - ZDNet

Colonial Pipeline restarts operations brought down by ransomware - ZDNet

Colonial Pipeline restores operations, $5 million ransom demanded - Bleeping Computer

Consumers aware of travel cyber risks, still not putting their digital wellness first - Help Net Security

Crypto exchange glitch causes duplicate purchases, delayed credits - Bleeping Computer

Dark Web Getting Loaded With Bogus Covid-19 Vaccines and Forged Cards - The Hacker News

Fake Android, iOS apps promise lucrative investments while stealing your money - ZDNet

Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools - Help Net Security

Microsoft build tool abused to deliver password-stealing malware - Bleeping Computer

Organizations using Microsoft 365 experience more breaches, with more severe impacts - Help Net Security

Phishing, ransomware, Web app attacks dominate data breaches in 2021, says Verizon Business DBIR - ZDNet

Popular Russian hacking forum XSS bans all ransomware topics - Bleeping Computer

Rapid7 source code, credentials accessed in Codecov supply-chain attack - Bleeping Computer

Top security threats for power plants and how to proactively avoid them - Help Net Security

US agrees to remove Xiaomi from Communist Chinese military company list - ZDNet

US CISA and FBI publish joint alert on DarkSide ransomware - Security Affairs

Windows 10 KB5003173 update fails with error 0x800f0922, how to fix - Bleeping Computer

12/05

328 weaknesses found by WA Auditor-General in 50 local government systems - ZDNet

All Wi-Fi devices impacted by new FragAttacks vulnerabilities - Beelping Computer

Apple prevented 1 million risky or vulnerable apps from entering App Store in 2020 - ZDNet

Are Cybercriminals Evil or Greedy? - Security Boulevard

Creating Policies & Automating Enforcement for Data Loss Prevention - Security Boulevard

DarkSide Offered Ransomware-as-a-Service Before Pipeline Attack - Security Boulevard

FBI, CISA publish alert on DarkSide ransomware - ZDNet

Foreign Secretary Sets Out UK’s Global Cyber Vision - InfoSecurity

Greek Hemodialysis Unit Operator Hit by Ransomware Gang That Threatens DDoSing - TechNadu

Half of Government Security Incidents Caused by Missing Patches - InfoSecurity

Home Working Parents and Young Adults Are Most Risky IT Users - InfoSecurity

Latest Microsoft Windows Updates Patch Dozens of Security Flaws - The Hacker News

Lessons in Securing Development Environments - Security Boulevard

Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities - Security Affairs

Microsoft Is Ringing the Bell of May 2021 ‘Patch Tuesday’ - TechNadu

Navigating the waters of maritime cybersecurity - Help Net Security

Nearly All Wi-Fi Devices Are Vulnerable to New FragAttacks - The Hacker News

New ransomware: CISA warns over FiveHands file-encrypting malware variant - ZDNet

NSA and ODNI analyze potential risks to 5G networks - Security Affairs

Rail Firm Staff Fail ‘Bonus’ Phishing Test, Chaos Ensues - Security Boulevard

Ransomware Attacks on Municipalities Continue - Security Boulevard

Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations - The Hacker News

Researchers found three flaws in ACT e-voting system that could affect election outcomes - ZDNet

Researchers track down five affiliates of DarkSide ransomware service - ZDNet

Russia must do more to tackle cyber criminals operating from within its borders, says UK - ZDNet

Russia Proposes Encryption Keys Escrow to Fight Terrorism While Retaining User Privacy - TechNadu

Scammers aren’t always who we expect them to be: How AI and biometrics can help - Help Net Security

Security awareness training doesn’t solve human risk - Help Net Security

TeaBot Android banking Trojan targets banks in Europe - Security Affairs

Tens of Thousands of VoIP Devices From Around the Globe Are Publicly Exposed - TechNadu

Time to patch against FragAttacks but good luck with home routers and IoT devices - ZDNet

What the pipeline attack means for critical infrastructures - Help Net Security

When the adversarial view of the attack surface is missing, DX becomes riskier - Help Net Security

11/05

90% of security leaders view bot management as a top priority - Help Net Security

ACE Shuts Down the Operation of the “NTG” Release Group - TechNadu

Adobe fixes Reader zero-day vulnerability exploited in the wild - Bleeping Computer

American Startup Is Paying People $500 to Give Away Their Payroll Credentials - TechNadu

Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015 - Security Affairs

AXA to Stop Reimbursing Ransom Payments - InfoSecurity

CAM sector cybersecurity challenges and how to mitigate them - Help Net Security

Enterprises increasingly relying on open source software - Help Net Security

Everything you need to know about the Colonial Pipeline ransomware attack - ZDNet

Experts warn of a new Android banking trojan stealing users' credentials - The Hacker News

FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks - Security Affairs

GitHub shifts away from passwords with security key support for SSH Git operations - ZDNet

Google open sources cosign tool for verifying containers - Security Affairs

iPhone app tracking feature greyed out? Try this fix - ZDNet

Japanese Manufacturer Yamabiko Targeted by Babuk Ransomware - InfoSecurity

Learn Windows PowerShell scripting with this $20 course bundle - Bleeping Computer

Microsoft Defender ATP now secures networked Linux, macOS devices - Bleeping Computer

New Android Malware Called ‘TeaBot’ Is Spreading in Europe - TechNadu

Ransomware: Don't pay up, it just shows cyber criminals that attacks work, warns Home Secretary - ZDNet

Ransomware gang leaks data from Metropolitan Police Department - Bleeping Computer

Security Vs. Convenience: Navigating the Mobile World - Security Boulevard

The best CISOs think like Batman, not Superman - Help Net Security

U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack - The Hacker News

U.S Intelligence Agencies Warn About 5G Network Weaknesses - The Hacker News

Why threat hunting is obsolete without context - Help Net Security

Your Security Awareness Training Isn’t Working - Security Boulevard

10/05

A picture is worth a thousand words, but to hackers, it’s worth much more - Help Net Security

Amazon seized, destroyed two million fake products sent to warehouses in 2020 - ZDNet

Apple AirTag Was Hacked and Successfully Reprogrammed at Will - TechNadu

AXA pledges to stop reimbursing ransom payments for French ransomware victims - ZDNet

Bitcoin Security Rectifier app aims to make Bitcoin more secure - Help Net Security

Colonial Pipeline’s Ransomware Attack Sparks Emergency Declaration - ThreatPost

City of Tulsa's online services disrupted in ransomware incident - Bleeping Computer

‘DarkSide’ Is Probably Responsible for the Ransomware Attack Against Colonial Pipeline - TechNadu

Defending against Windows RDP attacks - Help Net Security

DX projects hindered by lack of collaboration between security and networking teams - Help Net Security

Exploiting common URL redirection methods to create effective phishing attacks - Help Net Security

FBI confirmed that Darkside ransomware gang hit Colonial Pipeline - Security Affairs

Federal Court Permits Warrantless Device Searches at Border - Security Boulevard

Getting a grip on basic cyber hygiene - Help Net Security

Group pleads guilty to running bulletproof hosting service for criminal gangs, malware payloads - ZDNet

How do I select a managed cybersecurity solution for my business? - Help Net Security

Is it still a good idea to require users to change their passwords? - The Hacker News

Japanese Power Tool Maker ‘Yamabiko’ Claimed as Victim by Babuk - TechNadu

Lemon Duck hacking group adopts Microsoft Exchange Server vulnerabilities in new attacks - ZDNet

NatWest Bank alerts customers of standing order blunder - Bleeping Computer

New competition allows cybersecurity leaders to test their knowledge and skills - Help Net Security

Parliamentary Services pulled MDM system offline causing March APH outage - ZDNet

Pipeline ransomware attack: US invokes emergency transport rules to keep fuel flowing - ZDNet

The Perils of a Running Start: Can You Skip SOC 2 Type 1? - Security Boulevard

Threat actors added thousands of Tor exit nodes to carry out SSL stripping attacks - Security Affairs

WhatsApp will not deactivate accounts for not accepting new privacy terms - Security Affairs

09/05

Cybersecurity and Compliance for Healthcare Organizations - Security Boulevard

Fears of gas price surge after 'DarkSide' cyber attack shuts Colonial Pipeline between Texas and NJ that carries 45% of East Coast fuel: Experts call it 'most significant assault on infrastructure to date in the US' - Daily Mail

Four Plead Guilty to Aiding Cyber Criminals with Bulletproof Hosting - The Hacker News

Largest US fuel pipeline system shut by ransomware attack - The Citizen

PayPal users urged to stay vigilant as scammers claim account 'has been suspended' - Express UK

Ransomware Attack Forces Top US Gas Pipeline to Halt Operations - Make Use Of

Ransomware Attack on US Crude Oil Grid; Colonial Pipeline Shuts Key Lime - International Business Time

Ransomware Attackers Up Ante as White House Vows Crack Down - Yahoo! News

Ransomware just got very real. And it's likely to get worse - ZDNet

South Korea to clamp down on cryptocurrency phishing activity - Wion News

User 'opt-in' rate for tracking across iOS sitting at 13% globally - ZDNet

NEWS: Abril/Maio (02/05 - 08/05) - 18 Semana de 2021