NEWS: Maio (16/05 - 22/05) - 20 Semana de 2021

22/05

Air India cyber-attack: Data of millions of customers compromised - BBC News

Air India Hacked and the Data of 4.5 Million Passengers Leaked - TechNadu

Australian hospitals and universities need enhanced cybersecurity: online experts - Illinois News Today

Bizarro banking malware targets 70 banks in Europe and South America - Bleeping Computer

Cybersecuring Work From Home: How to start ensuring data security in an organization with WFH - The Tech Panda

Data breach victim Clic Santé website - Inside Wales Sport

Domino’s Pizza Had 13 TB of Its Order Data Stolen and Leaked by a Hacker in India - TechNadu

Firm tracked DarkSide gang ransomware payments and the massive sums paid - Fox Business

Gas prices begin to steady after last week's Colonial Pipeline shutdown - The Hill

German cyber security chief fears hackers could target hospitals - Reuters

Hackers may have handed over key to unlock HSE files to show they 'can be trusted' - Sunday World

Ministry of Health and Social Services (MSSS) on Origin of the Data Breach on the Clic Santé website - Awani Review

Police warning over census 'fraudsters' - Manx Radio

Ransomware Moves from 'Economic Nuisance' to National Security Threat - VOA News

Resort Municipality of Whistler sues Pique over ransomware coverage - Squamish Chief

Tulsa computer system hacks stopped by security shutdown - Bradenton Herald

Verizon details cloud cybercrime roots in data breach report - Venturebeat

21/05

12,000 Jordan Valley Community Health Center patients affected by big nationwide data breach - Springfield News

Air India data breach impacts 4.5 million customers - Bleeping Computer

Air India reports mega data breach, credit cards, passport details and more hacked - ANI News

Australian telco sector looking down the barrel of a prescribed security standard - ZDNet

C-level cybersecurity attitudes as enterprises embrace the everywhere workplace - Help Net Security

CaptureRx data breach compromised 1.6M individuals' data: 13 hospitals, healthcare providers affected - Becker's Health IT

Cloud Misconfiguration Exposes 100M+ Android Users - Info Security

Cybersecurity, emerging technology and systemic risk: What it means for the medical device industry? - Help Net Security

DarkSide affiliates claim gang's bitcoins in deposit on hacker forum - Bleeping Computer

Data breach exposes Adirondack Health patient information - Adirondack Daily Enterprise

Domino's Data Breach: Customers' Location, 18 Cr Mobile Numbers Allegedly Leaked On Dark Web - ABP Live

E-commerce giant suffers major data breach in Codecov incident - Bleeping Computer

Email Campaign Spreads StrRAT Fake-Ransomware RAT - ThreatPost

Florida water treatment plant was involved in second security incident before poisoning attempt: report - ZDNet

How Remote Work Changes Where we Work and Live - Security Boulevard

If you get a voicemail about a recent Amazon purchase you didn’t make, ignore it - Komando

Insecure Protocols: SMBv1, LLMNR, NTLM, and HTTP - CSO Online

Irish court issues injunction against Conti hackers to stop health service data exposure, sale - ZDNet

LinkedIn Security Warning: Malware Sent via Fake Job Offers - IBM Security Intelligence

Microsoft SimuLand, an open-source lab environment to simulate attack scenarios - Security Affairs

Microsoft Warns About the Evolution of the ‘Phorpiex’ Worm - TechNadu

Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware - The Hacker News

Mobile stalkerware is on the rise - Help Net Security

QNAP confirms Qlocker ransomware used HBS backdoor account - Bleeping Computer

Ransomware Gangs 'Playing Games' With Victims and Public - Bank Info Security

Ransomware Susceptibility Index Spells Trouble for Pharma - Security Boulevard

Sierra College Computer System Shut Down by Ransomware - Government Technology

Sierra College responding to ransomware attack during finals week - EDScoop

Social Security Data Breach Exposes Virtually All Indonesians to Digital Fraud Risks - Jakarta Globe

The Irish Health Services Received the Ransomware Decryption Key for Free - TechNadu

Three smart ways SMBs can improve cybersecurity - Help Net Security

Top application security challenges: Bad bots, broken APIs, and supply chain attacks - Help Net Security

US Chamber Asks Government To Get More Involved In Ransomware Defense - NextGOV

20/05

23 Android Apps Expose Over 100,000,000 Users' Personal Data - The Hacker News

3.4 billion credential stuffing attacks hit financial services organizations - Help Net Security

661 fines issued since GDPR became enforceable, totaling €292 million - Help Net Security

A dozen Android apps exposed data of 100M+ users - Security Affairs

A Small Set of Android Apps Exposed the Data of Over 100 Million Users - TechNadu

AFP using a squad of good boys to detect devices such as USBs and SIM cards - ZDNet

Android apps exposed data of millions of users through cloud authentication failures - ZDNet

Apple isn't happy about the amount of Mac malware out there - ZDNet

Application level data protection hindered by misperceptions and complexities - Help Net Security

Businesses embracing cloud more than ever - Help Net Security

ByteDance CEO to step down, focus on 'long-term' strategy - ZDNet

Collaboration between network access brokers and ransomware actors deepens - Help Net Security

Colonial Pipeline CEO: Paying DarkSide ransom was the ‘right thing to do for the country’ - ZDNet

Comcast now blocks BGP hijacking attacks and route leaks with RPKI - Bleeping Computer

Conti ransomware gives HSE Ireland free decryptor, still selling data - Bleeping Computer

Data Brokers Are Selling User Details of 300 Turkish Betting Sites - TechNadu

Data of 100+ million Android users exposed via misconfigured cloud services - Bleeping Computer

Domain Group says phishing attack targeted site users - ZDNet

Fake Chrome Extensions: Google Asleep at the Switch - Security Boulevard

Google Says Update to Android May Patch or Live With Actively Exploited Bugs - TechNadu

Google warns: These four Android flaws are now under attack - ZDNet

Healthcare organizations in Ireland, New Zealand and Canada facing intrusions and ransomware attacks - ZDNet

How to glean user insight while respecting personal privacy - Help Net Security

Irish High Court issues injunction to prevent HSE data leak - Bleeping Computer

Is Single Sign-On Enough to Secure Your SaaS Applications? - The Hacker News

Microsoft: Massive malware campaign delivers fake ransomware - Bleeping Computer

Singapore orders Facebook, Twitter to post correction notice on COVID variant falsehoods - ZDNet

Slack is down, massive outage blocks user logins and messages - Bleeping Computer

SolarWinds CEO Says Intrusion Goes Much Further Back Than Initially Estimated - TechNadu

Spammers flood PyPI with pirated movie links and bogus packages - Bleeping Computer

STRRAT RAT spreads masquerading as ransomware - Security Affairs

Twitter rolls out new verification process to get your "blue check" - Bleeping Computer

Why passwordless is not always passwordless - Help Net Security

19/05

Biden Administration Takes First Step in Energy Cybersecurity Strengthening With $22 Billion Funding - TechNadu

Biden EO Has Teeth, But May Prove Difficult to Implement - Security Boulevard

China reiterates warning against cryptocurrency use in transactions - ZDNet

DarkSide ransomware made $90 million since October 2020 - Security Affairs

Do customers have a right to know how companies that use algorithms make their decisions? - Help Net Security

Eftpos expands trial of age checks for online booze sales - ZDNet

Endpoint security: How to shore up practices for a safer remote enterprise - Help Net Security

Firefox testing Site Isolation feature that puts each site into a separate process - ZDNet

Hetzner cloud server provider bans cryptocurrency mining - Bleeping Computer

How to deal with ransomware attacks - Help Net Security

MountLocker ransomware uses Windows API to worm through networks - Bleeping Computer

New Banking Trojan ‘Bizarro’ Circulating Around Europe and South America - TechNadu

Recent Windows 10 update blocks Microsoft Teams, Outlook logins - Bleeping Computer

Security doesn’t always require immediacy - Help Net Security

The basics of security code review - Help Net Security

The zero trust security market continues to grow - Help Net Security

This is how the Cobalt Strike penetration testing tool is being abused by cybercriminals - ZDNet

University of Minnesota researchers fail to understand consent - Help Net Security

WAFaaS: When ‘As-A-Service’ Means ‘Bad Service’ - Security Boulevard

18/05

1Password releases full-featured Linux desktop application - ZDNet

70 European and South American Banks Under Attack By Bizarro Banking Malware - The Hacker News

Accellion Data Breach Highlights Third-Party Risk - Security Boulevard

After just 9 months, Darkside ransomware gang brings in $90 million in Bitcoin - ZDNet

Analysis of NoCry ransomware: A variant of the Judge ransomware - Security Affairs

Antivirus software, explained - ZDNet

Bizarro banking Trojan targets banks in Brazil and abroad - Security Affairs

Chrome now automatically fixes breached passwords on Android - Bleeping Computer

DarkSide ransomware made $90 million in just nine months - Bleeping Computer

Detecting attackers obfuscating their IP address inside AWS - Help Net Security

Discovery of Simps Botnet Leads To Ties to Keksec Group - Security Affairs

Double-extortion ransomware attacks on the rise - Help Net Security

Enterprise leaders now see cybersecurity as a business advantage - Help Net Security

European Council extends sanctions against foreign threat actors - Security Affairs

Experts Reveal Over 150 Ways to Steal Control of 58 Android Stalkerware Apps - The Hacker News

FBI says cybercrime complaints more than doubled in 14 months - Bleeping Computer

Google beefs up Workspace security with these new features - ZDNet

Google I/O 2021: Chrome can fix compromised passwords - ZDNet

Hackers are leveling up and catching healthcare off-guard - Help Net Security

Hacker Tools Used for Good as Exposed Amazon Cloud Storage Accounts Get Warnings - Security Boulevard

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps - The Hacker News

How to download the Windows 10 21H1 ISO from Microsoft - Bleeping Computer

Identifying and addressing critical OT asset vulnerabilities in 24/7 industrial operations - Help Net Security

Irish Health Service Says It Will Take Weeks and Tens of Millions of Euros to Get Back Online - TechNadu

Is Automation the Answer to Security Fears? - Security Boulevard

Is MAC Address-Based Smartphone Tracking Still Possible? - TechNadu

NVIDIA cripples cryptocurrency mining on RTX 3080 and 3070 cards - Bleeping Computer

RaaS gangs go “private” after stirring a hornet’s nest - Help Net Security

Security Researchers Released New Jailbreak for RokuOS v9.4.0 - TechNadu

The Trinidad & Tobago Government Threatens Streaming Pirates With Imprisonment Sentences - TechNadu

17/05

2021 Verizon Data Breach Investigations Report Is Out - Security Boulevard

85% of breaches involve the human element - Help Net Security

Android stalkerware, a danger for victims and stalkers - Security Affairs

‘Citygate Global’ Exposed Hundreds of Thousands of Customer Records - TechNadu

Conti ransomware demanded $20M ransom to Ireland Health Service Executive - Security Affairs

CrowdStrike Deepens Security Ties with Google - Security Boulevard

Cyber investigations, threat hunting and research: More art than science - Help Net Security

Cybersecurity: How talking about mistakes can make everyone safer - ZDNet

DarkSide Ransomware Gang Struck Down — but by Whom? - Security Boulevard

Dealing with ransomware attacks: What options do you have? - Help Net Security

Expert released PoC exploit code for Windows CVE-2021-31166 bug - Security Affairs

Experts Warn About Ongoing AutoHotkey-Based Malware Attacks - The Hacker News

Exploit released for wormable Windows HTTP vulnerability - Bleeping Computer

FBI spots spear-phishing posing as Truist Bank bank to deliver malware - Bleeping Computer

FBI warns of scammers targeting families of missing persons - Bleeping Computer

Google gives predictions for the future of security - ZDNet

How prepared is the intelligence community to tackle possible threats? - Help Net Security

Most organizations fail to fix cloud misconfiguration issues in a timely manner - Help Net Security

Privacy regulations making cloud migration complex - Help Net Security

Ransomware victim shows why transparency in attacks matters - Bleeping Computer

Simplicity is the Necessary Killer Security Feature - Security Boulevard

UK govt seeks advice on defending against supply-chain cyberattacks - Bleeping Computer

Ukraine Officials Say the Formation of a “Cybertroops” Force Is Underway - TechNadu

Uprooting Webshells Is Key in Dealing With Compromised Exchange Servers - TechNadu

U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized - The Hacker News

Vulnerability in popular browsers could be used to track, profile users online - Help Net Security

Why Password Hygiene Needs a Reboot - The Hacker News

16/05

After dropping support for ransom payments, AXA struck by ransomware in Asia - SiliconAngle

DarkSide ransomware gang shuts shop following ‘law enforcement request’ - teiss

Galway University Hospitals and Portiuncula University Hospital issue update on disruption to services - Connacht Tribune

Herff Jones credit card breach impacts college students across the US - Bleeping Computer

How ransomware ecosystem operates - The Hindu Business Line

How the Ransomware attack on the HSE will affect services in Offaly this week - Offaly Express

More ransomware websites disappear in aftermath of Colonial Pipeline hack - Reuters

Ransomware attack - the impact on hospital services at Galway University Hospitals - Galway Advertiser

Ransomware attack continuing to have considerable impact on services at Mayo University Hospital - MidWest Radio

The bizarre story of the inventor of ransomware - CNN Business

Updated information on hospital service cancellations at LUH - Highland Radio

US Feds say a lack of reporting poses barrier to cyber defence - The Star

NEWS: Maio (09/05 - 15/05) - 19 Semana de 2021