NEWS: Maio (16/05 - 22/05) - 20 Semana de 2021

22/05
Air India cyber-attack: Data of millions of customers compromised - BBC News
Air India Hacked and the Data of 4.5 Million Passengers Leaked - TechNadu
Australian hospitals and universities need enhanced cybersecurity: online experts - Illinois News Today
Bizarro banking malware targets 70 banks in Europe and South America - Bleeping Computer
Cybersecuring Work From Home: How to start ensuring data security in an organization with WFH - The Tech Panda
Data breach victim Clic Santé website - Inside Wales Sport
Domino’s Pizza Had 13 TB of Its Order Data Stolen and Leaked by a Hacker in India - TechNadu
Firm tracked DarkSide gang ransomware payments and the massive sums paid - Fox Business
Gas prices begin to steady after last week's Colonial Pipeline shutdown - The Hill
German cyber security chief fears hackers could target hospitals - Reuters
Hackers may have handed over key to unlock HSE files to show they 'can be trusted' - Sunday World
Ministry of Health and Social Services (MSSS) on Origin of the Data Breach on the Clic Santé website - Awani Review
Police warning over census 'fraudsters' - Manx Radio
Ransomware Moves from 'Economic Nuisance' to National Security Threat - VOA News
Resort Municipality of Whistler sues Pique over ransomware coverage - Squamish Chief
Tulsa computer system hacks stopped by security shutdown - Bradenton Herald
Verizon details cloud cybercrime roots in data breach report - Venturebeat

21/05
12,000 Jordan Valley Community Health Center patients affected by big nationwide data breach - Springfield News
Air India data breach impacts 4.5 million customers - Bleeping Computer
Air India reports mega data breach, credit cards, passport details and more hacked - ANI News
Australian telco sector looking down the barrel of a prescribed security standard - ZDNet
C-level cybersecurity attitudes as enterprises embrace the everywhere workplace - Help Net Security
CaptureRx data breach compromised 1.6M individuals' data: 13 hospitals, healthcare providers affected - Becker's Health IT
Cloud Misconfiguration Exposes 100M+ Android Users - Info Security
Cybersecurity, emerging technology and systemic risk: What it means for the medical device industry? - Help Net Security
DarkSide affiliates claim gang's bitcoins in deposit on hacker forum - Bleeping Computer
Data breach exposes Adirondack Health patient information - Adirondack Daily Enterprise
Domino's Data Breach: Customers' Location, 18 Cr Mobile Numbers Allegedly Leaked On Dark Web - ABP Live
E-commerce giant suffers major data breach in Codecov incident - Bleeping Computer
Email Campaign Spreads StrRAT Fake-Ransomware RAT - ThreatPost
How Remote Work Changes Where we Work and Live - Security Boulevard
If you get a voicemail about a recent Amazon purchase you didn’t make, ignore it - Komando
Insecure Protocols: SMBv1, LLMNR, NTLM, and HTTP - CSO Online
Irish court issues injunction against Conti hackers to stop health service data exposure, sale - ZDNet
LinkedIn Security Warning: Malware Sent via Fake Job Offers - IBM Security Intelligence
Microsoft SimuLand, an open-source lab environment to simulate attack scenarios - Security Affairs
Microsoft Warns About the Evolution of the ‘Phorpiex’ Worm - TechNadu
Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware - The Hacker News
Mobile stalkerware is on the rise - Help Net Security
QNAP confirms Qlocker ransomware used HBS backdoor account - Bleeping Computer
Ransomware Gangs 'Playing Games' With Victims and Public - Bank Info Security
Ransomware Susceptibility Index Spells Trouble for Pharma - Security Boulevard
Sierra College Computer System Shut Down by Ransomware - Government Technology
Sierra College responding to ransomware attack during finals week - EDScoop
Social Security Data Breach Exposes Virtually All Indonesians to Digital Fraud Risks - Jakarta Globe
The Irish Health Services Received the Ransomware Decryption Key for Free - TechNadu
Three smart ways SMBs can improve cybersecurity - Help Net Security
Top application security challenges: Bad bots, broken APIs, and supply chain attacks - Help Net Security
US Chamber Asks Government To Get More Involved In Ransomware Defense - NextGOV

20/05
23 Android Apps Expose Over 100,000,000 Users' Personal Data - The Hacker News
3.4 billion credential stuffing attacks hit financial services organizations - Help Net Security
661 fines issued since GDPR became enforceable, totaling €292 million - Help Net Security
A dozen Android apps exposed data of 100M+ users - Security Affairs
A Small Set of Android Apps Exposed the Data of Over 100 Million Users - TechNadu
AFP using a squad of good boys to detect devices such as USBs and SIM cards - ZDNet
Android apps exposed data of millions of users through cloud authentication failures - ZDNet
Apple isn't happy about the amount of Mac malware out there - ZDNet
Application level data protection hindered by misperceptions and complexities - Help Net Security
Businesses embracing cloud more than ever - Help Net Security
ByteDance CEO to step down, focus on 'long-term' strategy - ZDNet
Collaboration between network access brokers and ransomware actors deepens - Help Net Security
Colonial Pipeline CEO: Paying DarkSide ransom was the ‘right thing to do for the country’ - ZDNet
Comcast now blocks BGP hijacking attacks and route leaks with RPKI - Bleeping Computer
Conti ransomware gives HSE Ireland free decryptor, still selling data - Bleeping Computer
Data Brokers Are Selling User Details of 300 Turkish Betting Sites - TechNadu
Data of 100+ million Android users exposed via misconfigured cloud services - Bleeping Computer
Domain Group says phishing attack targeted site users - ZDNet
Fake Chrome Extensions: Google Asleep at the Switch - Security Boulevard
Google Says Update to Android May Patch or Live With Actively Exploited Bugs - TechNadu
Google warns: These four Android flaws are now under attack - ZDNet
Healthcare organizations in Ireland, New Zealand and Canada facing intrusions and ransomware attacks - ZDNet
How to glean user insight while respecting personal privacy - Help Net Security
Irish High Court issues injunction to prevent HSE data leak - Bleeping Computer
Is Single Sign-On Enough to Secure Your SaaS Applications? - The Hacker News
Microsoft: Massive malware campaign delivers fake ransomware - Bleeping Computer
Singapore orders Facebook, Twitter to post correction notice on COVID variant falsehoods - ZDNet
Slack is down, massive outage blocks user logins and messages - Bleeping Computer
SolarWinds CEO Says Intrusion Goes Much Further Back Than Initially Estimated - TechNadu
Spammers flood PyPI with pirated movie links and bogus packages - Bleeping Computer
STRRAT RAT spreads masquerading as ransomware - Security Affairs
Twitter rolls out new verification process to get your "blue check" - Bleeping Computer
Why passwordless is not always passwordless - Help Net Security

19/05
Biden Administration Takes First Step in Energy Cybersecurity Strengthening With $22 Billion Funding - TechNadu
Biden EO Has Teeth, But May Prove Difficult to Implement - Security Boulevard
China reiterates warning against cryptocurrency use in transactions - ZDNet
DarkSide ransomware made $90 million since October 2020 - Security Affairs
Do customers have a right to know how companies that use algorithms make their decisions? - Help Net Security
Eftpos expands trial of age checks for online booze sales - ZDNet
Endpoint security: How to shore up practices for a safer remote enterprise - Help Net Security
Firefox testing Site Isolation feature that puts each site into a separate process - ZDNet
Hetzner cloud server provider bans cryptocurrency mining - Bleeping Computer
How to deal with ransomware attacks - Help Net Security
MountLocker ransomware uses Windows API to worm through networks - Bleeping Computer
New Banking Trojan ‘Bizarro’ Circulating Around Europe and South America - TechNadu
Recent Windows 10 update blocks Microsoft Teams, Outlook logins - Bleeping Computer
Security doesn’t always require immediacy - Help Net Security
The basics of security code review - Help Net Security
The zero trust security market continues to grow - Help Net Security
This is how the Cobalt Strike penetration testing tool is being abused by cybercriminals - ZDNet
University of Minnesota researchers fail to understand consent - Help Net Security
WAFaaS: When ‘As-A-Service’ Means ‘Bad Service’ - Security Boulevard

18/05
1Password releases full-featured Linux desktop application - ZDNet
70 European and South American Banks Under Attack By Bizarro Banking Malware - The Hacker News
Accellion Data Breach Highlights Third-Party Risk - Security Boulevard
After just 9 months, Darkside ransomware gang brings in $90 million in Bitcoin - ZDNet
Analysis of NoCry ransomware: A variant of the Judge ransomware - Security Affairs
Antivirus software, explained - ZDNet
Bizarro banking Trojan targets banks in Brazil and abroad - Security Affairs
Chrome now automatically fixes breached passwords on Android - Bleeping Computer
DarkSide ransomware made $90 million in just nine months - Bleeping Computer
Detecting attackers obfuscating their IP address inside AWS - Help Net Security
Discovery of Simps Botnet Leads To Ties to Keksec Group - Security Affairs
Double-extortion ransomware attacks on the rise - Help Net Security
Enterprise leaders now see cybersecurity as a business advantage - Help Net Security
European Council extends sanctions against foreign threat actors - Security Affairs
Experts Reveal Over 150 Ways to Steal Control of 58 Android Stalkerware Apps - The Hacker News
FBI says cybercrime complaints more than doubled in 14 months - Bleeping Computer
Google beefs up Workspace security with these new features - ZDNet
Google I/O 2021: Chrome can fix compromised passwords - ZDNet
Hackers are leveling up and catching healthcare off-guard - Help Net Security
Hacker Tools Used for Good as Exposed Amazon Cloud Storage Accounts Get Warnings - Security Boulevard
How Apple Gave Chinese Government Access to iCloud Data and Censored Apps - The Hacker News
How to download the Windows 10 21H1 ISO from Microsoft - Bleeping Computer
Identifying and addressing critical OT asset vulnerabilities in 24/7 industrial operations - Help Net Security
Irish Health Service Says It Will Take Weeks and Tens of Millions of Euros to Get Back Online - TechNadu
Is Automation the Answer to Security Fears? - Security Boulevard
Is MAC Address-Based Smartphone Tracking Still Possible? - TechNadu
NVIDIA cripples cryptocurrency mining on RTX 3080 and 3070 cards - Bleeping Computer
RaaS gangs go “private” after stirring a hornet’s nest - Help Net Security
Security Researchers Released New Jailbreak for RokuOS v9.4.0 - TechNadu
The Trinidad & Tobago Government Threatens Streaming Pirates With Imprisonment Sentences - TechNadu

17/05
2021 Verizon Data Breach Investigations Report Is Out - Security Boulevard
85% of breaches involve the human element - Help Net Security
Android stalkerware, a danger for victims and stalkers - Security Affairs
‘Citygate Global’ Exposed Hundreds of Thousands of Customer Records - TechNadu
Conti ransomware demanded $20M ransom to Ireland Health Service Executive - Security Affairs
CrowdStrike Deepens Security Ties with Google - Security Boulevard
Cyber investigations, threat hunting and research: More art than science - Help Net Security
Cybersecurity: How talking about mistakes can make everyone safer - ZDNet
DarkSide Ransomware Gang Struck Down — but by Whom? - Security Boulevard
Dealing with ransomware attacks: What options do you have? - Help Net Security
Expert released PoC exploit code for Windows CVE-2021-31166 bug - Security Affairs
Experts Warn About Ongoing AutoHotkey-Based Malware Attacks - The Hacker News
Exploit released for wormable Windows HTTP vulnerability - Bleeping Computer
FBI spots spear-phishing posing as Truist Bank bank to deliver malware - Bleeping Computer
FBI warns of scammers targeting families of missing persons - Bleeping Computer
Google gives predictions for the future of security - ZDNet
How prepared is the intelligence community to tackle possible threats? - Help Net Security
Most organizations fail to fix cloud misconfiguration issues in a timely manner - Help Net Security
Privacy regulations making cloud migration complex - Help Net Security
Ransomware victim shows why transparency in attacks matters - Bleeping Computer
Simplicity is the Necessary Killer Security Feature - Security Boulevard
UK govt seeks advice on defending against supply-chain cyberattacks - Bleeping Computer
Ukraine Officials Say the Formation of a “Cybertroops” Force Is Underway - TechNadu
Uprooting Webshells Is Key in Dealing With Compromised Exchange Servers - TechNadu
U.S. Pipeline Ransomware Attackers Go Dark After Servers and Bitcoin Are Seized - The Hacker News
Vulnerability in popular browsers could be used to track, profile users online - Help Net Security
Why Password Hygiene Needs a Reboot - The Hacker News

16/05
After dropping support for ransom payments, AXA struck by ransomware in Asia - SiliconAngle
DarkSide ransomware gang shuts shop following ‘law enforcement request’ - teiss
Galway University Hospitals and Portiuncula University Hospital issue update on disruption to services - Connacht Tribune
Herff Jones credit card breach impacts college students across the US - Bleeping Computer
How ransomware ecosystem operates - The Hindu Business Line
How the Ransomware attack on the HSE will affect services in Offaly this week - Offaly Express
More ransomware websites disappear in aftermath of Colonial Pipeline hack - Reuters