NEWS: Maio (15/05 - 21/05) - 20 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

21/05

America’s small businesses aren’t ready for a cyberattack

Azerbaijan names main cyberattacks in its internet segment

Basic Steps To Prevent Cyber Attacks And Protect Yourself

Card-less cash withdrawals at ATMs to help reduce card phishing, cloning frauds

Catholic Bishops’ Conference of the Philippines (CBCP) warns of phishing scam

Data Protection Authority gives Guernsey firms a cyber security checklist

Easy Data-Driven Approaches To Bolster Cryptocurrency Security

Hackers steal Rs 7.3 cr in 831 transactions over three months from Razorpay

How A Data Breach Can Affect Your

How do I Protect my practice against cyber attacks?

How to manage your online privacy when streaming games

Internet Crime Is Off The Chain

Malicious PyPI package opens backdoors on Windows, Linux, and Macs

Massive Chicago Public Schools (CPS) data breach exposes records of 560,000 students, employees

Over 100 million cyber threats detected, blocked in UAE last year, Trend Micro says

Paying Ransoms is Not a Recovery Strategy

Paying the Ransomware Amount Often Doesn’t Get Businesses Their Data Back

Preventing identity theft and protecting yourself against scams has becoming more difficult

Ransomware attack exposes data of 500,000 Chicago students

What is spear phishing?

Why don’t we ever hear about ransomware demands in the tens of millions of dollars?

Yes, your data is for sale – Here’s what you can do to stop it

20/05

380K Kubernetes API Servers Exposed to Public Internet

Agricultural sector at risk of cyber attacks, study warns

"Alarming" Surge in Conti Group Activity This Year

April 2022 Healthcare Data Breach Report

Avoiding Risks by Using Secure Online Crypto Platform

Backdoor baked into premium school management plugin for WordPress

Beware of Fake Windows 11 Downloads Distributing Vidar Malware

Big data breach confirmed at Arnprior Regional Health

Brown Brothers Harriman & Co. Reports Leaked Client Information Resulting from Third-Party Data Breach

Canada bans Huawei and ZTE from 5G networks over security concerns

Catholic Bishops’ Conference of the Philippines (CBCP) warns public against phishing scam

Chatbot Army Deployed in Latest DHL Shipping Phish

China-linked Twisted Panda caught spying on Russian defense R&D

Chinese hackers target Russian defence research institutes

Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild

Closing the Gap Between Application Security and Observability

Consortium on School Networking (CoSN) Survey of IT Leaders Shows Ransomware Underestimated, Cybersecurity Still Woefully Understaffed

Cyber insurance premiums are hitting new highs

Cytrox's Predator Spyware Targeted Android Users with Zero-Day Exploits

Data Breach on Drug Enforcement Agency (DEA) Law Enforcement System Grants Cyber Criminals Access to 16 Databases

Data leak can lead to phone cloning, location tracking, says cybersecurity expert

Department of Justice (DoJ): White Hat Hackers Will No Longer Face Prosecution

Email is the riskiest channel for data security

Executives’ Personal Digital Lives are the Soft-Underbelly of Enterprise Security

Fake domains offer Windows 11 installers - but deliver malware instead

FBI and UK Warn of Hacking Risks of Modern Smart Farm Machinery

Group-IB presents its annual ransomware guidebook

Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoor

How to ensure that the smart home doesn’t jeopardize data privacy?

Israel warns of ransomware attacks on cash registers

Kalamazoo Valley Community College (KVCC) forced to delay start of second summer semester due to cyber attack

Malicious Bots Had a Record Year in 2021

Microsoft: This botnet is growing fast and hunting for servers with weak passwords

Microsoft's out-of-band patch fixes Windows AD authentication failures

Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices

Modern "Smart" Farm Machinery Vulnerable to Cyber-Attackers

Most business leaders say they would just pay up if hit by a cyberattack

Netflix, T-Mobile, Amazon, Costco, Louis Vuitton, and Ray-Ban: Top Scams and Phishing Schemes of the Week

Netgear Says It Can’t Fix Multiple Vulnerabilities On Two Of Its Routers For Homeworkers

New report finds that extensive IT protocols are causing data leaks

North Korean Hackers Attempt To Spread Data Stealing Malware With Fake Press Releases

Online scams are on the rise, make your business cyber-safe

Packaged zero-day vulnerabilities on Android used for cyber surveillance attacks

Patient Data Leaked Following Cyberattack Against Atlanta Perinatal Associates

Pro-Russian Hackers Hit Critical Government Websites in Italy

QNAP NAS drives targeted by DeadBolt ransomware for the third time this year

Record level of bad bot traffic contributing to rise of online fraud

Researchers Find Backdoor in School Management Plugin for WordPress

Researchers Uncover Rust Supply-Chain Attack Targeting Cloud CI Pipelines

Russian Sberbank says it’s facing massive waves of DDoS attacks

Sandworm uses a new version of ArguePatch to attack targets in Ukraine

Schools should prep for ransomware with response and comms plans, experts say

Smart farm machines are weakness in food supply chains

Staying Protected Against Ongoing Uncertainty

The True Danger for Organizations: Unpatched Vulnerabilities

This app shows you how to make your iPhone more secure better than Apple does

Trust Stamp, a facial recognition company with a $7.2 million Immigration and Customs Enforcement (ICE) contract, had dozens of peoples' data exposed in breach

Two business-grade Netgear VPN routers have security vulnerabilities that can’t be fixed

UK Sextortion Cases Doubled in 2021

US Lawmakers Seek Uniform Policy on Nation-State Cyberattacks

What Is DNS Spoofing and How Is It Prevented?

Windows 11 hacked again at Pwn2Own, Telsa Model 3 also falls

19/05

7 Key Findings from the 2022 SaaS Security Survey Report

46% of organizations still store passwords in shared documents

API Security and Cloud: What you Need to Know

Bad Bots Swarm the Internet in Record Numbers in 2021

China-linked Space Pirates APT targets the Russian aerospace industry

CISA Issues Emergency Directive for VMware Vulnerabilities

CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws

Conti Ransomware Gang Threatens Costa Rica’s Government

CrowdStrike vs Sophos: EDR software comparison

Cyberattacks and misinformation activity against Ukraine continues say security researchers

Cyberattacks quietly launched by Russia before its invasion of Ukraine may have been more damaging than intended

Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act

Fortinet vs Palo Alto: Comparing EDR software

Google OAuth client library flaw allowed to deploy of malicious payloads

Half of IT Leaders Store Passwords in Shared Docs

High-Severity Bug Reported in Google's OAuth Client Library for Java

How do DevSecOps professionals feel about security becoming an around the clock job?

‘Incompetent’ Tesla Lets Hackers Steal Cars — via Bluetooth

Lazarus hackers target VMware servers with Log4Shell exploits

Many security engineers are already one foot out the door. Why?

Media giant Nikkei’s Asian unit hit by ransomware attack

Microsoft detects massive surge in Linux XorDDoS malware activity

Microsoft President: Cyber Space Has Become the New Domain of Warfare

Microsoft Teams, Windows 11 hacked on first day of Pwn2Own

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000

Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies

Phishing websites now use chatbots to steal your credentials

Prioritize patching vulnerabilities associated with ransomware

QNAP alerts NAS customers of new DeadBolt ransomware attacks

Ransom Demands Surge 45% in 2021

Ransomware gangs rely more on weaponizing vulnerabilities

Reachability and Risk: Tools for Security Leaders

Settlement in Solara Medical Supplies litigation gets preliminary approval

Surge in Malware Downloads Driven by SEO-Based Techniques

Texas Department of Insurance data breach affects millions; personal data of VPN users leaked on Telegram

Threat actors compromising US business online checkout pages to steal credit card information

This Russian botnet does far more than DDoS attacks - and on a massive scale

U.S. DOJ will no longer prosecute good-faith security researchers under CFAA

VMware issues critical fixes, CISA orders federal agencies to act immediately (CVE-2022-22972)

Washington Local School District in Toledo, Ohio hit by disruptive cyberattack

18/05

5 critical questions to test your ransomware preparedness

5 Key Factors to Consider for Dark Web Identity Monitoring

65% of IT help desk teams report unsustainable levels of stress

A look back at the ransomware attack on Visalia Unified, one year later

A Threat-Hunting Guide for Small Businesses

AcidRain Malware Shuts Down Thousands of Modems in Ukraine

Alleged data breach of 22.5 mil Malaysians didn’t come from National Registration Department

American healthcare company Omnicell reports ransomware attack

APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days

Beware The Tactics Used For CEO Fraud By BEC Scammers

Botnets, Telegram Helped Criminals Steal $163B in COVID Aid

Chinese ‘Space Pirates’ are hacking Russian aerospace firms

CISA shares guidance to block ongoing F5 BIG-IP attacks

Credential access is top risk for ransomware attacks

Critical Jupiter WordPress plugin flaws let hackers take over sites

Cyber Insurers Raise Rates Amid a Surge in Costly Hacks

Cybersecurity Agencies Share Most Common Attack Vectors for Initial Access and Recommended Mitigations

Data breach at Department of Insurance exposed personal information of 1.8 million Texans

Department of Justice (DOJ) Says Doctor is Malware Mastermind

DHS orders federal agencies to patch VMware bugs within 5 days

Digital Skimming is Now the Preserve of Non-Magecart Groups

Dis-Chem says it won't share more info on data breach that hit 3.6m clients

Easily migrate to the cloud with CIS Hardened Images

Fake crypto sites lure wannabe thieves by spamming login credentials

FBI and NSA say: Stop doing these 10 things that let the hackers in

FBI warning for all Apple and Android users reveals 10 things you have to do to stop hackers

Fix your IT weak spots to guarantee compliance

Google: These 'curated' open-source packages will improve software supply chain security

Hackers Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility

How to Protect Your Data When Ransomware Strikes

Incident Of The Week: Costa Rica embroiled in severe, ongoing cyber-attack

Malware is targeting crypto wallets, says Microsoft: Here's how to protect yourself better

Martin Lewis' MoneySavingExpert issues warning over £450 energy bill email

Microsoft warns of brute-force attacks targeting MSSQL servers

Microsoft Warns of "Cryware" Info-Stealing Malware Targeting Crypto Wallets

More than 90,000 South Australian public servants now involved in payroll data breach

Most ransomware victims pay up, but many never recover their data

National bank hit by ransomware trolls hackers with dick pics

One in five Australian businesses have paid or would pay a ransom for their data

Over half of successful phishing attacks end in data breach

Pacific Living Properties, Inc. Announces Data Breach

Personal Information of Nearly Two Million Texans Exposed

Pharmacy Giant Hit By Data Breach Affecting 3.6 Million Customers

Police Warn of £15m Courier Scams

Popularity of online payment goes hand-in-hand with fraud

Ransomware Attackers Get Short Shrift From Zambian Central Bank

Ransomware Attacks on Hospitals Put Patients at Risk

Ransomware group claims responsibility for Christus Health attack

Ransomware Vulnerabilities Spike by 7.6% in Q1 2022

Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang

Securing Your Cloud with Zero Trust and Least Privilege

Singapore sets up cybersecurity assessment, certification centre

Solara Medical Supplies Data Breach $9.76M Class Action Settlement

Some Mercyhurst University Servers Hit by Ransomware

Spanish police dismantle phishing gang that emptied bank accounts

The 5 Worst Ransomware Attacks and the Lessons We Can Learn?

The Growing Threat of Ransom DDoS Attacks Requires Effective Prevention and Mitigation

The SMB’s Guide to Advanced Persistent Threats

Tips To Protect Your Business From Cyberattacks

UK Government: Lack of Skills the Number One Issue in Cybersecurity

US recovers $15 million from global Kovter ad fraud operation

U.S. Warns Against North Korean Hackers Posing as IT Freelancers

U.S. warns of North Korean hackers posing as IT freelancers

VMware patches critical auth bypass flaw in multiple products

Western Allies Warn of Top Cyber-Attack Mistakes

Why you should install iOS 15.5 now

Wizard Spider hackers hire cold callers to scare ransomware victims into paying up

17/05

5 Network Security Threats Business Owners Should Know

76% of Organizations Admit to Paying Ransomware Criminals, with One-Third Still Unable to Recover Data

A Study By Netskope Highlights Just How Many Phishing Attacks Are Facilitated By Cloud Data Storage Apps

AGCO Corp (AGCO) Provides Update on Ransomware Cyber Attack

Australian CISOs least prepared for cyber attacks

Bluetooth Low Energy (BLE) vulnerability may be exploited to unlock cars, smart locks, building doors, smartphones

California Health Plan Faces Lawsuit After Cybersecurity Incident Linked to Hive Ransomware

Canadian CISOs more likely to push prevention than detection to fight ransomware: Survey

Cardiologist Charged for Developing Jigsaw v.2 and Thanos Ransomware

Cardiologist charged for use and sale of ransomware

CISA warns admins to patch actively exploited Spring, Zyxel bugs

CISOs worried about material attacks, boardroom backing

Conti ransomware group threatens to oust Costa Rica's government as crisis deepens

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

Cybercriminals Targeting Small and Medium Businesses

'Data Breach': Civil liberties org says data of Tennesseans among most shared in U.S.

Doctor Accused of Being Prolific Ransomware Developer

Emotet is the most common malware

‘Eternity malware’ offers Swiss Army knife of cybercrime tools

Facebook rated least safe e-commerce option in government rankings

FBI: Hackers used malicious PHP code to grab credit card data

Five Tips To Improve Your Small Business’ Account Security

Hackers are abusing free trials of business software to evade detection

Hackers can steal your Tesla Model 3, Y using new Bluetooth attack

Hackers target Tatsu WordPress plugin in millions of attacks

iPhones Vulnerable to Attack Even When Turned Off

Local Government's Guide to Minimizing the Risk of a Cyberattack

Medical doctor charged with creating the Thanos ransomware builder

New Sysrv Botnet Variant Hijacking Windows and Linux with Crypto Miners

New Sysrv-k Botnet Infecting Windows and Linux Systems with Cryptominer

NVIDIA fixes ten vulnerabilities in Windows GPU display drivers

Organizations Have Plans to Recover from Ransomware Attacks, but 82% Don't Adequately Back Up Data for Successful Recovery

Over 200 Apps on Play Store Caught Spying on Android Users Using Facestealer

Phishing Pop-ups Appearing on Major Cryptocurrency Websites

Ransomware Gang Extorted 725 BTC in One Attack, On-Chain Sleuths Find

Ransomware gang threatens Costa Rica govt

Ransomware Hits American Healthcare Company Omnicell

Remote work hazards: Attackers exploit weak WiFi, endpoints, and the cloud

Russia accused of cyberattack on American company just before invading Ukraine

Surfshark Cybercrime Study Reveals Most Victimized Nations; UK, USA and Canada Top 3

The cost of ransomware attacks has more than doubled. Here's how companies can prevent and plan for these attacks, according to experts

The New Era of Cyber-Attacks - Who is Most at Risk This Year?

Top five recent cyber-attacks you should know about

U.S. Charges Venezuelan Doctor for Using and Selling Thanos Ransomware

UpdateAgent Returns with New macOS Malware Dropper Written in Swift

US indicts heart doctor for allegedly spearheading high-profile ransomware operations

US manufacturing giant Parker discloses data breach after a ransomware attack

What is a Cyber Security Audit and Why is it Important?

What Is Rootkit? Definition, Detection, Removal, and Prevention Best Practices for 2022

Why cyber security can’t just say “no“

16/05

7 Dangers To Watch Out On The Internet And Stay Safe

79% of organizations have activated a disaster recovery response within the past 12 months

A Passwordless Future: Four Key Considerations

Alberta Health Services (AHS) cybersecurity head warns of 'large number of attacks' using health body's name

APAC Companies Severely Underreport Ransomware Attacks

Apple emergency update fixes zero-day used to hack Macs, Watches

Are period tracking apps safe?

Attackers can Install Malware on iPhone When it is Powered Off – Research

Brazilian e-commerce firm Americanas reports multimillion-dollar loss following cyberattack

Central Bedfordshire Council slammed as 'incompetent' after special educational needs data leak

CISA, Int’l Cybersecurity Bodies Issue Advisory to MSPs

CISA 'temporarily' removes Windows vulnerability from its must-patch list

Costa Rica declares national emergency amid Conti cyberattacks

Crypto is crumbling, and DeFi hacks are getting worse

Cyber attacks are now a high risk for businesses

Cyber insurance helps cover losses caused by hacking & virus attacks

Data breach that led to details of children being published online passed through two sets of Central Beds Council officers

Dear Board Members, Cybersecurity Is Your Problem Too

Defending the Healthcare Security Landscape in the Age of Connected Devices

Elgin data breach 'devastating' for victims at risk of identity theft: Experts

Engineering firm Parker discloses data breach after ransomware attack

Eternity Project: You can pay $260 for a stealer and $490 for a ransomware

Etherscan, CoinGecko warn against ongoing MetaMask phishing attacks

EU’s NIS 2 Directive to strengthen cybersecurity requirements for companies

Europeans' data shared 376 times daily in advertising sales, report says

‘Facestealer’ malware remains a quiet scourge in Google Play Store apps

Fake Clickjacking Bug Bounty Reports: The Key Facts

Google: Here comes our 'Open Source Maintenance Crew'

Google-led internet giants behind ‘biggest data breach ever recorded’

How And Why Businesses Should Strengthen Their Cybersecurity

How Encryption Helps Restore Cloud Security Integrity

Iran’s COBALT MIRAGE Threat Group Behind Ransomware Attacks in US

Ireland: Fraudsters Will Use Movement Of Bank Accounts To Target Consumers

Italian Police Foil Pro-Russia Attacks on Eurovision

Kaspersky trends report shows evolution of ransomware groups

Log4j Vulnerability – What do Tech Flaws Mean for Your Business?

Microsoft Identifies Botnet Variant Targeting Windows and Linux Systems

Microsoft warns: This botnet has new tricks to target Linux and Windows systems

Nasty Zyxel remote execution bug is being exploited

Over 20,000 Zyxel Firewalls Still Exposed to Critical Bug

Privacy As Enabling Technology

Privacy by Design laws will kill your data pipelines

Public sector security has to remain a priority

Ransom Amounts in Cyber Attacks Decrease by 44% in Q4 2021 Despite Record Breaking Third Quarter

Recovering from a cybersecurity earthquake: The lessons organizations must learn

Report spotlights vast scale of adtech’s ‘biggest data breach’

Researchers Find Potential Way to Run Malware on iPhone Even When it's OFF

Researchers warn of APTs, data leaks as serious threats against UK financial sector

Researchers Warn of "Eternity Project" Malware Service Being Sold via Telegram

Rise in cybercrime, 4,000% increase in phishing emails: Infoblox Cyber Threat Report

Rise Of Cyber Fraud Crimes In Today's Fast-Paced Meta World

Singapore authorities warn of ransomware in form of Windows OS update

The downside of ‘debugging’ ransomware

The most insecure and easily hackable passwords (VIDEO)

'The People Hacker' Jenny Radcliffe Inducted into Infosecurity Europe's Hall of Fame

This phishing attack delivers three forms of malware. And they all want to steal your data

UK Sets Out Nuclear Cybersecurity Strategy

Ukraine supporters in Germany targeted with PowerShell RAT malware

Ukrainian national sentenced to 4 years in prison for selling access to hacked servers

What is Test Automation Pyramid? How To Use It in Agile Software Development?

Where do federal agencies stand with zero trust implementation?

15/05

5 Most Effective Ways To Protect Yourself From A Crypto Scam

6 Common Mistakes to Avoid if You Want to Maximize Your Cyber Insurance Claim Recovery

Businesses Could Lose Money from QR Codes

College Closing Another Sad Milestone for Ransomware Impact

Europe Agrees to Adopt New NIS2 Directive Aimed at Hardening Cybersecurity

Fake Pixelmon NFT site infects you with password-stealing malware

Hackers are exploiting critical bug in Zyxel firewalls and VPNs

How smooth-talking data thieves can steal all your money

May 08 – May 14 Ukraine – Russia the silent cyber conflict

Ministers refuse to release details of cyber attacks hitting Scottish public bodies once a month

Multiple DeFi Protocols Compromised In GoDaddy Hack

NFT scams: How to avoid becoming a victim

Police Warns of a Fake Windows Update That Locks Up Victims’ Data

Singapore launches safety rating scheme for e-commerce sites

To escape discovery, ransomware criminals use different strategies

Top 10 Cloud-Based Cybersecurity Threats Organizations Face Today

Top 10 Common Cybersecurity Vulnerabilities that You Should be Aware of

Ukrainian Hacker Jailed for 4-Years in U.S. for Selling Access to Hacked Servers

NEWS: Abril (08/05 - 14/05) - 19 Semana de 2022