NEWS: Maio (09/05 - 15/05) - 19 Semana de 2021

15/05
Apple rejected over 215,000 apps in 2020 for privacy violations - Bleeping Computer
Best Windows 10 commands to diagnose your Internet connection - Bleeping Computer
Doctors locked out of x-rays, test results and medical records - Independent IE
European police dismantle major online investment fraud ring that causes €30 Million in losses - Security Affairs
Hacked US energy pipeline on track to restore full service but shortages persist - The Guardian
HSE issues statement on the impact of ransomware attack for patients of Portlaoise, Naas and Tullamore hospitals - Leinster Express
Ireland’s Health Services hit with $20 million ransomware demand - Bleeping Computer
Major hacking forums XSS and Exploit ban ads from ransomware gangs - Security Affairs
NSW Labor warns members their data could end up online after hacker’s deadline passes - The Guardian
QNAP warns of eCh0raix ransomware and Roon Server zero-day attacks - Security Affairs
Ransomware Actor Hit Insurance Giant AXA Following Decision to Stop Ransomware Reimbursements - TechNadu
South Korea clamps down on digital currency phishing activities - CoinGeek
Telephone System At University Hospital Limerick Affected By HSE Ransomware Attack - Clare FM
There’s a Simple Way Websites Can Identify Anonymous Users Across Different Browsers - TechNadu
Windows 10 is gaining these nifty enhancements in the next update - Bleeping Computer

14/05
Big Cybersecurity Tips For Remote Workers Who Use Their Own Tech - The Hacker News
Cloudflare wants to kill the CAPTCHA - ZDNet
Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals - The Hacker News
Cross-browser tracking vulnerability tracks you via installed apps - Bleeping Computer
Darkside gang lost control of their servers and funds - Security Affairs
DarkSide ransomware servers reportedly seized, operation shuts down - Bleeping Computer
Data growth as the number one storage management challenge - Help Net Security
Hackers Using Microsoft Build Engine to Deliver Malware Filelessly - The Hacker News
Irish healthcare shuts down IT systems after Conti ransomware attack - Bleeping Computer
Magecart Hackers Now hide PHP-Based Backdoor In Website Favicons - The Hacker News
Pakistan-Linked Hackers Added New Windows Malware to Its Arsenal - The Hacker News
QNAP warns of eCh0raix ransomware attacks, Roon Server zero-day - Bleeping Computer
Rapid7 source code, alert data accessed in Codecov supply chain attack - ZDNet
Ransomware ads now also banned on Exploit cybercrime forum - Bleeping Computer
Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template - The Hacker News
Researchers design a way to make encrypted keys harder to crack - Help Net Security
Russian-language cybercriminal forum ‘XSS’ bans DarkSide and other ransomware groups - ZDNet
Scheme flooding fingerprint technique may deanonymize Tor users - Security Affairs
'Significant' ransomware attack forces Ireland's health service to shut down IT systems - ZDNet
The winged ninja cyber monkeys narrative is absolutely wrong: Former NCSC chief - ZDNet
When exploit code precedes a patch, attackers gain a massive head start - Help Net Security

13/05
Chemical distributor pays $4.4 million to DarkSide ransomware - Bleeping Computer
Cloud compromise now the biggest cybersecurity issue for financial institutions - Help Net Security
Colonial Pipeline attack: Everything you need to know - ZDNet
Colonial Pipeline restarts operations brought down by ransomware - ZDNet
Colonial Pipeline restores operations, $5 million ransom demanded - Bleeping Computer
Consumers aware of travel cyber risks, still not putting their digital wellness first - Help Net Security
Crypto exchange glitch causes duplicate purchases, delayed credits - Bleeping Computer
Dark Web Getting Loaded With Bogus Covid-19 Vaccines and Forged Cards - The Hacker News
Fake Android, iOS apps promise lucrative investments while stealing your money - ZDNet
Infrastructure drift: A multidimensional problem with the need for new DevSecOps tools - Help Net Security
Microsoft build tool abused to deliver password-stealing malware - Bleeping Computer
Organizations using Microsoft 365 experience more breaches, with more severe impacts - Help Net Security
Phishing, ransomware, Web app attacks dominate data breaches in 2021, says Verizon Business DBIR - ZDNet
Popular Russian hacking forum XSS bans all ransomware topics - Bleeping Computer
Rapid7 source code, credentials accessed in Codecov supply-chain attack - Bleeping Computer
Top security threats for power plants and how to proactively avoid them - Help Net Security
US agrees to remove Xiaomi from Communist Chinese military company list - ZDNet
US CISA and FBI publish joint alert on DarkSide ransomware - Security Affairs
Windows 10 KB5003173 update fails with error 0x800f0922, how to fix - Bleeping Computer

12/05
328 weaknesses found by WA Auditor-General in 50 local government systems - ZDNet
All Wi-Fi devices impacted by new FragAttacks vulnerabilities - Beelping Computer
Apple prevented 1 million risky or vulnerable apps from entering App Store in 2020 - ZDNet
Are Cybercriminals Evil or Greedy? - Security Boulevard
Creating Policies & Automating Enforcement for Data Loss Prevention - Security Boulevard
DarkSide Offered Ransomware-as-a-Service Before Pipeline Attack - Security Boulevard
FBI, CISA publish alert on DarkSide ransomware - ZDNet
Foreign Secretary Sets Out UK’s Global Cyber Vision - InfoSecurity
Greek Hemodialysis Unit Operator Hit by Ransomware Gang That Threatens DDoSing - TechNadu
Half of Government Security Incidents Caused by Missing Patches - InfoSecurity
Home Working Parents and Young Adults Are Most Risky IT Users - InfoSecurity
Latest Microsoft Windows Updates Patch Dozens of Security Flaws - The Hacker News
Lessons in Securing Development Environments - Security Boulevard
Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities - Security Affairs
Microsoft Is Ringing the Bell of May 2021 ‘Patch Tuesday’ - TechNadu
Navigating the waters of maritime cybersecurity - Help Net Security
Nearly All Wi-Fi Devices Are Vulnerable to New FragAttacks - The Hacker News
New ransomware: CISA warns over FiveHands file-encrypting malware variant - ZDNet
NSA and ODNI analyze potential risks to 5G networks - Security Affairs
Rail Firm Staff Fail ‘Bonus’ Phishing Test, Chaos Ensues - Security Boulevard
Ransomware Attacks on Municipalities Continue - Security Boulevard
Ransomware Gang Leaks Metropolitan Police Data After Failed Negotiations - The Hacker News
Researchers found three flaws in ACT e-voting system that could affect election outcomes - ZDNet
Researchers track down five affiliates of DarkSide ransomware service - ZDNet
Russia must do more to tackle cyber criminals operating from within its borders, says UK - ZDNet
Russia Proposes Encryption Keys Escrow to Fight Terrorism While Retaining User Privacy - TechNadu
Scammers aren’t always who we expect them to be: How AI and biometrics can help - Help Net Security
Security awareness training doesn’t solve human risk - Help Net Security
TeaBot Android banking Trojan targets banks in Europe - Security Affairs
Tens of Thousands of VoIP Devices From Around the Globe Are Publicly Exposed - TechNadu
Time to patch against FragAttacks but good luck with home routers and IoT devices - ZDNet
What the pipeline attack means for critical infrastructures - Help Net Security
When the adversarial view of the attack surface is missing, DX becomes riskier - Help Net Security

11/05
90% of security leaders view bot management as a top priority - Help Net Security
ACE Shuts Down the Operation of the “NTG” Release Group - TechNadu
Adobe fixes Reader zero-day vulnerability exploited in the wild - Bleeping Computer
American Startup Is Paying People $500 to Give Away Their Payroll Credentials - TechNadu
Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015 - Security Affairs
AXA to Stop Reimbursing Ransom Payments - InfoSecurity
CAM sector cybersecurity challenges and how to mitigate them - Help Net Security
Enterprises increasingly relying on open source software - Help Net Security
Everything you need to know about the Colonial Pipeline ransomware attack - ZDNet
Experts warn of a new Android banking trojan stealing users' credentials - The Hacker News
FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks - Security Affairs
GitHub shifts away from passwords with security key support for SSH Git operations - ZDNet
Google open sources cosign tool for verifying containers - Security Affairs
iPhone app tracking feature greyed out? Try this fix - ZDNet
Japanese Manufacturer Yamabiko Targeted by Babuk Ransomware - InfoSecurity
Learn Windows PowerShell scripting with this $20 course bundle - Bleeping Computer
Microsoft Defender ATP now secures networked Linux, macOS devices - Bleeping Computer
New Android Malware Called ‘TeaBot’ Is Spreading in Europe - TechNadu
Ransomware: Don't pay up, it just shows cyber criminals that attacks work, warns Home Secretary - ZDNet
Ransomware gang leaks data from Metropolitan Police Department - Bleeping Computer
Security Vs. Convenience: Navigating the Mobile World - Security Boulevard
The best CISOs think like Batman, not Superman - Help Net Security
U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack - The Hacker News
U.S Intelligence Agencies Warn About 5G Network Weaknesses - The Hacker News
Why threat hunting is obsolete without context - Help Net Security
Your Security Awareness Training Isn’t Working - Security Boulevard

10/05
A picture is worth a thousand words, but to hackers, it’s worth much more - Help Net Security
Amazon seized, destroyed two million fake products sent to warehouses in 2020 - ZDNet
Apple AirTag Was Hacked and Successfully Reprogrammed at Will - TechNadu
AXA pledges to stop reimbursing ransom payments for French ransomware victims - ZDNet
Bitcoin Security Rectifier app aims to make Bitcoin more secure - Help Net Security
Colonial Pipeline’s Ransomware Attack Sparks Emergency Declaration - ThreatPost
City of Tulsa's online services disrupted in ransomware incident - Bleeping Computer
‘DarkSide’ Is Probably Responsible for the Ransomware Attack Against Colonial Pipeline - TechNadu
Defending against Windows RDP attacks - Help Net Security
DX projects hindered by lack of collaboration between security and networking teams - Help Net Security
Exploiting common URL redirection methods to create effective phishing attacks - Help Net Security
FBI confirmed that Darkside ransomware gang hit Colonial Pipeline - Security Affairs
Federal Court Permits Warrantless Device Searches at Border - Security Boulevard
Getting a grip on basic cyber hygiene - Help Net Security
Group pleads guilty to running bulletproof hosting service for criminal gangs, malware payloads - ZDNet
How do I select a managed cybersecurity solution for my business? - Help Net Security
Is it still a good idea to require users to change their passwords? - The Hacker News
Japanese Power Tool Maker ‘Yamabiko’ Claimed as Victim by Babuk - TechNadu
Lemon Duck hacking group adopts Microsoft Exchange Server vulnerabilities in new attacks - ZDNet
NatWest Bank alerts customers of standing order blunder - Bleeping Computer
New competition allows cybersecurity leaders to test their knowledge and skills - Help Net Security
Parliamentary Services pulled MDM system offline causing March APH outage - ZDNet
Pipeline ransomware attack: US invokes emergency transport rules to keep fuel flowing - ZDNet
The Perils of a Running Start: Can You Skip SOC 2 Type 1? - Security Boulevard
Threat actors added thousands of Tor exit nodes to carry out SSL stripping attacks - Security Affairs
WhatsApp will not deactivate accounts for not accepting new privacy terms - Security Affairs

09/05
Cybersecurity and Compliance for Healthcare Organizations - Security Boulevard
Four Plead Guilty to Aiding Cyber Criminals with Bulletproof Hosting - The Hacker News
Largest US fuel pipeline system shut by ransomware attack - The Citizen
PayPal users urged to stay vigilant as scammers claim account 'has been suspended' - Express UK
Ransomware Attack Forces Top US Gas Pipeline to Halt Operations - Make Use Of
Ransomware Attack on US Crude Oil Grid; Colonial Pipeline Shuts Key Lime - International Business Time
Ransomware Attackers Up Ante as White House Vows Crack Down - Yahoo! News
Ransomware just got very real. And it's likely to get worse - ZDNet
South Korea to clamp down on cryptocurrency phishing activity - Wion News
User 'opt-in' rate for tracking across iOS sitting at 13% globally - ZDNet