NEWS: Maio (22/05 - 28/05) - 21 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

28/06

4 Ways Digital Privacy and Security Have Improved In 2022

18 oil and gas companies pledge to cooperate against cyber attacks

142 million data records stolen from MGM resorts published on Telegram

A unified cyber security strategy is the key to protecting businesses

BlackCat ransomware gang targets Austrian state, demands a $5m ransom

Cyberattack against Regina Public Schools likely ransomware

Cybersecurity: The Risks When A Cybercriminal Obtains A Home Address

FBI raises alarm about the emergence of the vicious BlackCat ransomware gang

Four in 10 Australian SMEs hit by cyberattacks during pandemic

General Motors' customer accounts breached in a credential-stuffing attack

Google Chrome only blocking a quarter of phishing websites

How scammers steal NFTs and cryptos from Twitter users

INTERPOL nabs the head of a transnational cyber crime syndicate in Nigeria

Key concerns about online payments and ways to overcome them

LAPSUS$ struck T-Mobile multiple times in March, stole source codes

Microsoft Finds Critical Bugs in Pre-Installed Apps on Millions of Android Devices

New Ransomware Gang GoodWill Feeds ‘Poor Kids’ with KFC or Pizza Through its Victims

Port of London Authority suffers a DDoS attack, Iranian threat group claims responsibility

Regina Public Schools remain offline, cyber attack confirmed

Why higher education should care about cybersecurity

27/06

$1.5 Million worth of Moonbirds NFTs are stolen by hackers in a phishing attack

5 Ways to Improve and Optimize Your Company’s Data Security Program

80% of consumers prefer ID verification when selecting online brands

A matter of (zero) trust: the crux of security for modern businesses

Android Trojan ERMAC is back, hackers are paying over 3.5 lakh Rupees per month for access to 467 apps to rob you

Após ataque hacker, totens do Aeroporto Santos Dumont passam a exibir vídeo pornô

Apple ID, Amazon, Citibank, iPhone 12 Raffle, and MORE: Top Scams and Phishing Schemes of the Week

Are Your Social Accounts At Risk?

Ataque hacker coloca vídeo pornô em totens publicitários do Santos Dumont

Attackers Can Use Electromagnetic Signals to Control Touchscreens Remotely

Beware! These crypto scammers pose as journalists, NFTs on Twitter. What to watch out for

BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state

Chicago Public Schools Notifying Students and Staff of Vendor’s Ransomware Attack

ChromeLoader Browser Malware Spreading Via Pirated Games and QR Codes

CISA adds 75 actively exploited bugs to its must-patch list in just a week

Common Types of Social Engineering, Phishing Attacks in Healthcare

Costa Rica declares national emergency after ransomware attacks

Critical Flaws in Popular ICS Platform Can Trigger RCE

Cyberattack at Inglis Foundation Results in Data Breach

Data Security: Protecting the Crown Jewels

Digital Security by Design: A Government Strategy That Can’t Afford to Fail

Emotet Analysis: New LNKs in the Infection Chain – The Monitor, Issue 20

Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel

FBI warns of hackers selling credentials for U.S. college networks

Former IT Consultant Charged with Intentionally Causing Damage to Healthcare Company’s Server

General Motors Hit by Cyberattack, User Data Including Home Addresses Exposed

GitHub: Attackers stole login details of 100K npm user accounts

GitHub saved plaintext passwords of npm users in log files, post mortem reveals

Hacker coloca cenas de sexo em totens do aeroporto Santos Dumont

Hacker invade painel de publicidade de aeroporto e exibe vídeos pornô

Hackers invadem sistema e exibem vídeos pornôs no aeroporto Santos Dumont, no Rio

Hackers Steal $1.5 Million Worth of Moonbirds NFTs

Hackers Steal Metaverse Investors’ Digital Assets With Phishing Scams

Here We Go Again! This Android Malware Can Hack Your Bank Accounts And Crypto Accounts

How scammers hack Twitter accounts to steal NFTs, cryptocurrency

Human error is a main cause for cyber security breaches, Verizon report finds

Important Online Safety Tips that Everyone Using the Internet Should Know

In the Case of Cybersecurity, the Best Defense is Education

Increasingly, It’s Artificial Intelligence vs Cyber-Criminals

Intuit issues yet another phishing warning to QuickBooks customers

Is The U.S. Doing Enough To Keep American Businesses Safe From Cybercrime?

Let's play everyone's favorite game: REvil? Or Not REvil?

Metaverse-related phishing attacks become the newest form of high-tech fraud

Microsoft finds severe bugs in Android apps from large mobile providers

MITRE ATT&CK Framework Explained: Why it Matters

National Cyber Security Centre (NCSC) Report Reveals Phishing Lures Increasingly Disguised as Vaccine Appointments

Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach

New Chaos Malware Variant Ditches Wiper for Encryption

New Cheerscrypt Ransomware Targets Popular VMware ESXi Machines

New York Judge Dismisses Class Action PACS Data Breach Lawsuit for Lack of Standing

OCBC Hit With S$330 Million Additional Cap Requirement After Phishing Scam

Ofgem scam warning issued over phishing emails

One-year later, and the Colonial Pipeline cyberattack continues to loom large

Patient Information, Including Social Security Numbers, Compromised in Allwell Behavioral Health Services Data Breach

Russian Hackers Believed to Be Behind Leak of Hard Brexit Plans

Singapore's OCBC hit by $240m extra capital requirement for phishing scam

SpiceJet faces ransomware attack, defers Q4 earnings announcement

SpiceJet postpones March quarter results after ransomware attack

Survey Evidences Leaders Lack Confidence in Cyber-Risk Management

Suspected Business Email Compromise Ringleader Busted

Techno crime hits ag sector

Telas de aeroporto do Rio exibem filmes pornô em possível ataque hacker

The Human Toll: Examining The Impact Of Breaches On The Public

This phishing has cost Barcelona City Council 350,000 euros: how an attack has fooled the Institut d’Informàtica

Toronto health network data breach compromises patient information

Totens ‘pornôs’: Aeroporto Santos Dumont sofre ataque hacker

UK Government Seeks Views to Bolster the Nation's Data Security

U.S. Charges Venezuelan Doctor for Using and Selling Thanos Ransomware

What is keeping automotive software developers up at night?

Winning Combo: Security Awareness Training and Anti-Phishing Training

26/05

5 Tips for Organisations to Stay Protected From Ransomware

18 Oil and Gas Companies Take Cyber Resilience Pledge

29 Moonbird NFTs Worth $1.5M Succumbs To A Phishing Attack

Action Fraud warns of new Ofgem scam

Attackers turn to vishing: 550 percent increase seen in vishing attacks

Austria’s Carinthia halts passport issuance over ransomware attack

Beeple Getting Hacked Resulted in His Followers Losing Over $438,000 in Crypto

Better training could fix accountancy firms’ cybersecurity blind spot

Cisco Talos on cyber security trends: Ransomware continues as the top threat

Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers

Cybergang Claims REvil is Back, Executes DDoS Attacks

Email Incidents Reported by Washington University School of Medicine & Oswego County Opportunities

Ex-spymaster and fellow Brexiteers' emails leaked by suspected Russian op

Executives’ weak passwords lead to breaches in healthcare and other industries

Federal Trade Commission (FTC) Signals Additional Scrutiny for Data Breaches

Food For Files: GoodWill Ransomware demands food for the poor to decrypt locked files

GM, Zola customer accounts compromised through credential stuffing

GoodWill ransomware demands people help the poor

Google Chrome branded the least effective browser for stopping phishing attacks

Hackers Increasingly Using Browser Automation Frameworks for Malicious Activities

How confident are companies in managing their current threat exposure?

How zero trust can lead the battle against ransomware

Hundreds stranded after ransomware attack on Indian airline

In 2021, 57% of all cybercrimes were scams — Digital Risk Summit

India: 1 in 2 citizens surveyed acknowledge seeing ads based on their private voice conversations; microphone and contact list access to certain apps is leading to privacy breaches

India's SpiceJet Strands Planes After Being Hit By Ransomware Attack

Industrial Spy data extortion market gets into the ransomware game

Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers

Messages sent through Zoom can expose users to cyber attack

Microsoft: Here's how to defend Windows against these new privilege escalation attacks

Microsoft shares mitigation for Windows KrbRelayUp LPE attacks

Most organizations do not follow data backup best practices

Multi-Continental Operation Leads to Arrest of Cybercrime Gang Leader

New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps

Phishing as a Service (PaaS): A Growing Cybersecurity Concern

Preventing corporate credential theft

PSNI facing lawsuit after 152 people affected by data breach

Ransomware “GoodWill” Urges Victims To Help The Poor In Exchange For Decryption Key

Singapore bank OCBC hit by $240 mln extra capital requirement for phishing scam

Sixty-Four Percent Of SOC Analysts Will Leave Their Jobs This Year—Here’s How To Improve Your Retention Rate

Some QCT servers vulnerable to 'Pantsdown' flaw say security researchers

State of Cybersecurity Report 2022 Names Ransomware and Nation-State Attacks As Biggest Threats

State Oil Fund of Azerbaijan (SOFAZ) warns citizens about phishing attacks

Suspected phishing email crime boss cuffed in Nigeria

Tails OS Users Advised Not to Use Tor Browser Until Critical Firefox Bugs are Patched

The Added Dangers Privileged Accounts Pose to Your Active Directory

Three-quarters of Security Pros Believe Current Cybersecurity Strategies Will Shortly Be Obsolete

Twitter Fined $150 Million for Misusing Users' Data for Advertising Without Consent

What’s the impact of a security breach?

Why Zero-Trust Must Extend to Deep Infrastructure

Zyxel warns of flaws impacting firewalls, APs, and controllers

25/05

6 Tips for Successfully Securing Your AWS Environment

68% of Legal Sector Data Breaches Caused by Insider Threats

AI’s role in the future of cybersecurity

Bad Bots and the Commoditization of Online Fraud

Beyond Materiality: Comparing The SEC’s Proposed Data Breach Notification Rules with Evolving State Notification Laws

BPFDoor malware uses Solaris vulnerability to get root privileges

Bryan County Ambulance Authority in Oklahoma Faces Ransomware, 14K Impacted

Business as usual for exams as The De Montfort School fights back following 'malicious' cyber attack

Can we trust the cybersecurity of the energy sector?

Chaining Zoom bugs is possible to hack users in a chat by sending them a message

Chaos ransomware explained: A rapidly evolving threat

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

CISA Announces Joint Ransomware Task Force

Conti leaks data stolen during January attack on Oregon county

Cyber attack warning for small businesses including hotels and restaurants

Cyber criminals target desperate householders with bogus electricity rebates as Action Fraud reveals they have received 800 complaints about fake Ofgem emails in just FOUR DAYS

Darknet market Versus shuts down after hacker leaks security flaw

Data on ransomware attacks is 'fragmented and incomplete' warns Senate report

DoJ Decision Gives Good Faith Hackers Relief From CFAA

Elevation of Privilege is the #1 Microsoft vulnerability category

Emails of leading pro-Brexit figures leaked by Russian hackers alleging ‘deep state conspiracy’

Feds remain in the dark as ransomware disclosure lags

FTC fines Twitter $150M for using 2FA info for targeted advertising

GoodWill Ransomware Demands People Help the Most Vulnerable

GoodWill ransomware will force you to do good deeds like donate to the poor and homeless

Hacker of Python, PHP libraries: no "malicious activity" was intended

Hacker says hijacking libraries, stealing AWS keys was ethical research

Hackers steal 29 Moonbirds valued at $1.5 million in NFT phishing attack

Health plan faces lawsuit after breach affects 850,000 patients

Health systems mostly attacked for financial reasons, report finds

How Secrets Lurking in Source Code Lead to Major Breaches

How to navigate GDPR complexity

Indian airline SpiceJet's flights impacted by ransomware attack

Interpol arrests alleged leader of the SilverTerrier BEC gang

Interpol Arrest Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks

Interpol Nabs Nigerian Man Behind Massive Email Phishing Campaigns

Is 100% Cybersecurity Readiness Possible? Medical Device Pros Weigh In

Keeping pace with emerging threats: The roundup

Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them

Link Found Connecting Chaos, Onyx and Yashma Ransomware

Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room

Messages Sent Through Zoom Can Expose People to Cyber-Attack

Nation-State Cyber Attacks and Insurance Response: Revisiting the War Exclusion

New ‘Cheers’ Linux ransomware targets VMware ESXi servers

New ChromeLoader malware surge threatens browsers worldwide

North Carolina Prohibits Public Sector Entities from Paying Ransom in a Ransomware Cyberattack

Organizations Urged to Fix 41 Vulnerabilities Added to CISA’s Catalog of Exploited Flaws

Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack

Researchers Find New Malware Attacks Targeting Russian Government Entities

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Somerset County Offices Hit with Ransomware Attack

Somerset County, N.J., Email System Offline After Breach

SpiceJet airline passengers stranded after ransomware attack

Tackling the Emerging Threat of Session Hijacking and MFA Bypass

Tails 5.0 Linux users warned against using it "for sensitive information"

The De Montfort School in Evesham suffers ransomware-attack

This ransomware looks to make the world a better place

UK Government Cybersecurity Advisory Board Applications Now Open

Verizon 2022 DBIR: External attacks and ransomware reign

Verizon Report: Ransomware, Human Error Among Top Security Risks

Zoom Patches ‘Zero-Click’ RCE Bug

WhatsApp and QR codes the next scam threat - report

Where is attack surface management headed?

24/05

A favorite of cybercriminals and nation states, ransomware incidents increase again

A ‘whale’ of a threat evolves in the financial industry to steal sensitive data

Cabinet Office Reports 800 Missing Electronic Devices in Three Years

Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

Cyber threat: Report warns organisations against frequent ransomeware attacks

Cybersecurity rulings important for all Australian businesses

Devastating cyber attacks expected to hit energy sector

District of Columbia Sues Mark Zuckerberg over Cambridge Analytica data breach

District of Columbia Sues Zuckerberg Over Cambridge Analytica Data Breach

Email Security: Best Practices for SMBs and Top Email Security Providers

Facebook's Zuckerberg sued for data breach

Fronton IOT Botnet Packs Disinformation Punch

How confident are CISOs about their security posture?

How to defeat social engineering attacks

ICO Fines Clearview AI £7.5m for Collecting UK Citizens’ Data

It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017

KnowBe4 warns users to be vigilant of QR codes and WhatsApp scams

Love, Bonito fined $24,000 over 2019 data breach involving over 5,500 customers

Malware Analysis: Trickbot

Microsoft: Credit card skimmers are switching techniques to hide their attacks

Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

Mumbai sees 200% surge in cyber-crime cases year-on-year

New Chaos Ransomware Builder Variant "Yashma" Discovered in the Wild

Paying the ransom is not a good recovery strategy

Popular PyPI Package 'ctx' and PHP Library 'phpass' Hijacked to Steal AWS Keys

Popular Python and PHP libraries hijacked to steal AWS keys

RansomHouse: Bug bounty hunters gone rogue?

Ransomware dominated threat landscape in 2021

Researchers to release exploit for new VMware auth bypass, patch now

Securing mobile devices: a cybersecurity focus in 2022

Security Problems with NFT Marketplace OpenSea

SIM-based Authentication Aims to Transform Device Binding Security to End Phishing

State Bank of India (SBI) Customers Alert! ‘Delete THIS Message Immediately Or …’, Government’s Warning Amid Rising Phishing Scams

The benefits that microsegmentation can bring to cyber resilience

These are the flaws that let hackers attack blockchain and DeFi projects

UK fines Clearview AI £7.5m for privacy breaches with facial recognition

UK privacy watchdog fines Clearview AI £7.5m and orders UK data to be deleted

USA: The government’s still mostly in the dark on ransomware

US Car Giant General Motors Hit by Cyber-Attack Exposing Car Owners' Personal Info

Vishing cases reach all time high

What does prioritizing cybersecurity at the leadership level entail?

What Does Zero Trust Mean for MSPs?

What Is Phishing as a Service and How Does It Work?

Why Cyber Insurance is Essential in 2022

23/05

4 commonly forgotten points hackers like to exploit

5 ways to avoid a printer security data breach

Anonymous Declares Cyber War Against Pro-Russia Hacker Group Killnet

Anonymous Declares Cyber-War on Pro-Russian Hacker Gang Killnet

Back to the Future: Protecting Against Quantum Computing

Beware! State Bank of India (SBI) Customers Should Not Reply To This SMS And Fall Prey To This Scam

Big tech is joining forces to end passwords

Boards: Don’t mistake business continuity plans for an effective resilience strategy in the face of growing cyber threats

By streamlining compliance, companies can focus more on security

Can the new National Cyber Strategy make the UK a security leader?

Cars in the Crosshairs: Automakers, Regulators Take on Cybersecurity

Chicago Public Schools data breach blamed on ransomware attack on supplier

CISA Signals Cyber Incident Reporting Requirements

Cyber attacks could jeopardize global food supplies

Cyberattacks Give Food Security a Bad Taste

Data Breach-Related Securities Suit Filed Against Cyber Firm Okta

Effective Ways to Prepare for a Cyberattack

Eighty percent of organisations surveyed have been attacked by ransomware in the past two years

Flawed MFA Opens Doors to Ransomware

Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns

GoodWill ransomware detected in India makes victim donate to poor, provides financial help to needy patients

Government Alerts About Fake SMS Fraud Targeting State Bank of India (SBI) Customers; Know What To Do If You Are A Victim

Hackers can hack your online accounts before you even register them

Hackers Compromised Synapse X Scripting Engine To Inject Trojan Code Into Roblox Game

HHS Shares Information on Advanced Persistent Threat Groups Linked with the Russian Intelligence Services

How effective cybersecurity can provide the basis for growth

How to fend off DDoS attacks before they shut you down

How Zero Trust can lead the battle against ransomware

IBM Dives Into TrickBot Gang's Malware Crypting Operation

Is your personal data on the dark web?

Mark Zuckerberg Sued Over Cambridge Analytica Data Breach

Mitigating Cyber-Threats in the Maritime Industry

Multiple NFT Projects Attacked After Commonly-Used “Mee6” Discord Bot Hacked

New phishing technique lures users with fake chatbot

New RansomHouse group sets up extortion market, adds first victims

New Unpatched Bug Could Let Attackers Steal Money from PayPal Users

Photos of abused victims used in new ID verification scam

Predator Spyware Using Zero-day to Target Android Devices

Ransomware Hackers Steal Personal Data of 500,000 Students and Staff in Chicago

Ransomware still winning: Average ransom demand jumped by 45%

Rising Cases of Data Breaches in Indonesia: a Sign to Urgently Enact the Data Protection Bill?

Russian hackers perform reconnaissance against Austria, Estonia

Scam Alert: Don't Click on "Biggest Airdrop" Website by OpenSea Impostors

Scammers use Beeple’s hacked Twitter account to trick crypto fans out of £348,000

Security has become more difficult, IT leaders say

Smart Farm Technology Open to Attacks by Hackers

Snake Keylogger Spreads Through Malicious PDFs

Targeted phishing scam nets $438K in crypto and NFTs from hacked Beeple account

This malware-spreading PDF uses a sneaky file name to trick the unwary

Top Seven Cybersecurity Tips to Keep Your Data Safe and Private

Twitter blue badge phishing scams targeting verified accounts

UAE firms most likely to fall victim to phishing and APT attacks: report

Vulnerabilities Associated With Ransomware Up 7.6% in Q1 2022: Report

Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches

22/05

A hack revealed the personal information of 500,000 Chicago students and employees

A year on: Inside the Defence Forces response against the HSE ransomware hack

Atividade do grupo hacker Conti atinge níveis alarmantes

Beware these online fraud schemes in South Africa

Cyber warning after rise in attacks

Cytrox’s Spyware Attack Android Users with Zero-Day Exploits

Defence Minister says Malaysian data leak will not affect national security. Seriously?

Does the Taliban pose a cyber-threat?

Dubai utility provider Dubai Electric and Water Authority (DEWA) warns against phishing scam

Elon Musk deep fakes promote new cryptocurrency scam

Google: Predator spyware infected Android devices using zero-days

Microsoft tests new Windows 11 Desktop search that only works with Edge

North Korea-linked Lazarus APT uses Log4J to target VMware servers

PDF smuggles Microsoft Word doc to drop Snake Keylogger malware

Ransomware attack exposed data of half-million Chicago students, staff

Ransomware Hackers Declare Total War on Costa Rica

Security Affairs newsletter Round 366 by Pierluigi Paganini

Singapore: Police warn of banking-related phishing scams after 10 people lose over $70,000

Still crying? WannaCry five years on

The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000

Week in review: VMware critical fixes, Bluetooth LE flaw unlocks cars, Kali Linux 2022.2

NEWS: Maio (15/05 - 21/05) - 20 Semana de 2022