NEWS: March (27/03 - 02/04) - Week 13 of 2022

Cyber Security and Information Security News - Daily Updates!

02/04


10 Leading Practices for Managing the Risk of Remote Access


Advanced Phishing Attacks Saw Twofold Increase in 2021


After massive New York City (NYC) student data breach, here are the steps you can take


Android spyware linked to Russian hackers tracks location, records audio


Bored Ape and other major NFT Discord servers targeted by scammers


Comelec: Smartmatic data breach not related to polls


Cyber Espionage Actor Deploying Malware Using Excel


Dark web trade in personal data on rise


Hackers linked to North Korea were suspected of carrying out a cyberattack on South Korea


Hunting for Spring Core Exploitation


Is the end nigh for end-to-end encryption?


Millions Drained From Ethereum DeFi Protocol Inverse Finance


Norton Phishing Scam Uses Personal Info to Steal Money from Victims


Password Stealing BlackGuard Malware Sold In Russian Hacking Forum Targets A Ton Of Apps


Protect your printer by keeping the firmware up to date


Scammers are texting you from your own number now — here’s what to do if that happens


Scammers Hacked the Project Bots of Bored Ape and Other NFT Discords on April Fools Day


Spring4Shell: Spring Remote Code Execution Vulnerability


Teenage hackers trick Facebook and Apple into giving up data – Are you at risk?


This fake Norton antivirus email could really ruin your weekend


UK charges two teenagers linked to the Lapsus$ hacking group


US Health Provider Law Enforcement Health Benefits (LEHB) Hit by Ransomware Attack, Network Compromised


Warnings Issued to Private Businesses, Citizens About Potential Cyber Attacks


Web3 Is Supposed to Be Secure. What About All These Hacks?


01/04


$72 million lost in mobile app ad fraud: AppsFlyer


A Former Teen Hacker Explains Why It’s So Hard to Stop Teen Hackers


Accelerating awareness in a new era of cybercrime


AcidRain, a wiper that crippled routers and modems in Europe


Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked


Apple Rushes Out Patches for 0-Days in MacOS, iOS


Microsoft help files disguise the Vidar malware


'Back from vacation': Lapsus$ now claims to have data from an Apple partner


Beastmode botnet boosts DDoS power with new router exploits


‘Cadbury Easter Egg Hunt’ Scam Circulates on WhatsApp


California health plan facing network disruptions after alleged Hive ransomware attack


Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit


Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit


CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog


Cloud native application security is a critical priority, risk perception is worryingly low


Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code


Critical GitLab vulnerability lets attackers take over accounts


Data Breach Alert: Condor Earth Technologies, Inc.


Data Breach Alert: SuperCare Health


Executives for Health Innovation (EHI) Provides Guidance for Protecting non-HIPAA-Covered Health Data


EU draft law adds security checks to all crypto transactions


FBI: Ransomware attacks are piling up the pressure on public services


Flaws in Wyze cam devices allow their complete takeover


GEBE investigating cyberattack, says efforts focused on minimising impact


Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE


Government workers rely on Microsoft. That could be a security problem, Google claims


Hackers are taking aim at food companies


Hackers have found a clever new way to steal your Microsoft 365 credentials


House Passes Better Cybercrime Metrics Act


How Restaurant Operators Can Defend Against Ransomware


Increase in Cyber-Attacks Leads to Influx of New Reporting Obligations


Ireland: More than €22 million stolen by fraudsters in bank account takeovers in 2021


IT And OT Convergence Need Holistic Cybersecurity Protection


IT Services Giant Admits $42m Fallout from Ransomware Attack


JavaScript security: The importance of prioritizing the client side


Making security mistakes may come with a high price for employees


Microsoft adds Windows 11 upgrade block due to IE11 known issue


Modem-wiping malware was behind Viasat cyberattack


Nigerian Arrested in India for Involvement in N665m Bank Scam


North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto


One in four employees who made security mistakes lost their job


Over Half of Data Security Incidents Caused by Insiders


Pfizer asks hourly staffers to return overpayments in aftermath of vendor's cyberattack: reports


Phishing email offers students financially impacted by COVID-19 up to $4,000 in financial aid


Protecting and Transforming Cyber Health Care (PATCH) Act seeks to shore up security for medical devices, IoT networks


Ransomware attacks straining local governments, public services


Ransomware Gangs Claim Health Plan and Healthcare Provider Attacked


Ransomware Payments Hit Record Highs in 2021


Recent cyberattack against Iberdrola affects the data of 1.3 million customers


Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition


Russian-linked Android malware records audio, tracks your location


Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems


Sitel on Okta breach: "spreadsheet" did not contain passwords


Spokane Regional Health District Announces Second Phishing Attack in 3 Months


Spring4Shell: New info and fixes (CVE-2022-22965)


SunVia bets that controlling your own identity will make the metaverse successful


Tesco shoppers urged to delete scam email immediately from inbox


The spectre of Stuxnet: CISA issues alert on Rockwell Automation ICS vulnerabilities


Trend Micro fixes actively exploited remote code execution bug


Two teenagers charged in connection with investigation into hacking group, says City of London police


UK Spy Chief Hails Government Cell Tackling Kremlin Fake News


Viasat Confirms 'AcidRain' Malware Could Have Wiped Modems


Vishing Continues to be a Risk Worth Assessing


Zero trust in business cyber security


Zyxel fixes a critical bug in its business firewall and VPN devices


Zyxel urges customers to patch critical firewall bypass vulnerability


We need an industry-backed, tech-neutral resource to restore trust in voice communications



31/03


17 tips to keep you safe from phishing schemes


57% of people can’t recall if they ever backed up their important documents


2022 World Backup Day


About 1,300 Catholic Health patients affected by email security incident at vendor


Apple emergency update fixes zero-days used to hack iPhones, Macs


Australia's second tranche of cyber laws passes both Houses


Average UK cyberattack cost £4,200 last year


Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks


Botnet attacks: How bad bots can impact your enterprise


Brand Exposure: How Exposed Personal Data Impacts Corporate Digital Risk


Bugs in Wyze Cams Could Let Attackers Takeover Devices and Access Video Feeds


Chinese hacking group uses new 'Fire Chili' Windows rootkit


CISA Issues UPS Warning


Connecticut’s Bradley Airport Website Hit by Cyberattack


Cyber-Attack on California Healthcare Organization


Cyber Security Breaches Survey 2022


Cybersecurity managers with a direct line to executive boards set the tone for investment: Study


Cybersecurity readiness for CII deemed critical


DDoS attacks becoming larger and more complex, finance most targeted sector


Deploying pseudonymization techniques to protect health data


DPRK hackers go after crypto assets using trojanized DeFi Wallet app


FBI efforts to disrupt business email compromise scams leads to 65 arrests


FBI Warns of Phishing Attacks Targeting US Election Officials


Financial advice industry gets hard word on cyber security


Globant admits to data breach after Lapsus$ releases source code


Globe Telecom flags new phishing scams


Google: Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts


Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks


Hive ransomware group claims Partnership HealthPlan of California data breach


Know Your Ransomware Enemy: Getting Inside the Mind of a Hacker


Lack of CLM maturity is putting organizations at risk


Linux secure networking security bug found and fixed


List of data breaches and cyber attacks in March 2022 – 3.99 million records breached


‘Low’ threat of cyber attack on Ireland but ransomware risk is high, says top official


Mahesh Bank was easy pickings for hacker


Meet BlackGuard: a new infostealer peddled on Russian hacker forums


Microsoft: These are the Windows Update policies to use for your PCs (and rollercoasters)


New BlackGuard password-stealing malware sold on hacker forums


New York City wants an FBI investigation into the data breach that affected 820,000 students


No Patch Available Yet for Critical SpringShell Bug


On World Backup Day, overconfidence a worrying trend among organizations


Palo Alto Networks error exposed customer support cases, attachments


PayPal Text Message Scam


QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug


Ransomware payments increased 78% last year


Red flag for ransomware: attackers are using Log4Shell vulnerability to deliver backdoors to virtual servers, Sophos research shows


Reducing Critical Infrastructure Risk From End-of-Life Software


Safe Mode Is A Growing Attack Surface For Bad Actors


Samsung’s Advanced Chip Technologies Stolen In Data Breach


Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework


Spring4Shell: No need to panic, but mitigations are advised


The current state of enterprise backup and recovery


The volume of DDoS attacks from compromised IoT devices rose significantly in March


Ukraine Leaks Personal Details of 620 Alleged FSB Agents


US healthcare data breach impacts 85,000 law enforcement officers


Viasat confirms satellite modems were wiped with AcidRain malware


Where should companies start when it comes to device security?


Why do organizations need to prioritize cyber resiliency?


WorldBackupDay: 5 Backup Tips to Retain Critical Data Following a Ransomware Attack


30/03


A Look Inside Biden's Spending Proposals for HHS Agencies


A Third of UK Businesses Experience Cyber-Attacks at Least Once a Week


As Lapsus$ comes back from 'vacation,' Sitel clarifies position on data breach


Attackers Steal $618m From Crypto Firm


Crypto Hackers Exploit Ronin Network for $615 Million


Design, prioritize, and implement a cyber defense program with CIS CDM 2.0


Despite Arrests, Lapsus$ Adds Globant to Victim List


Electric Vehicle DC charging tripped by a wireless hack


FBI disrupts BEC cybercrime gangs targeting victims worldwide


FBI Investigating More than 100 Ransomware Variants


Get an extra 50% off these 10 ethical hacking e-learning bundles


Globant confirms hack after Lapsus$ leaks 70GB of stolen data


Google: Russian phishing attacks target NATO, European military


Hacker stole more than US$ 600 million from Ronin. What happens now?


Hive ransomware uses new 'IPfuscation' trick to hide payload


Honda's Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles


How hard is it to address Apple’s in-app deletion requirements and implement privacy compliance?


How to recruit cybersecurity talent from atypical backgrounds


Infosecurity Europe Unveils Keynote Speakers for 2022 Event


IoT warning: Hackers are gaining access to UPS devices. Here's how to protect yours


ISH Tecnologia suffers its first setback after failing to defend the Sebrae network from a cyberattack


LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data


Log4Shell Used in a Third of Malware Infections


Mars Stealer malware pushed via Google Ads and phishing emails


Mazda Infotainment Crash Shows How Fragile Car Security Really Is


NCSC: Time to Rethink Russian Supply Chain Risks


New Research Claims Biden's Disclosure Deadlines Are Unrealistic


New Spring Java framework zero-day allows remote code execution


Okta Breach Timeline, Attack Method Analyzed


Partnership Health Plan of California IT Systems Still Down


Personal Data of 820,000 NYC Students Exposed


Phishing campaign targets Russian govt dissidents with Cobalt Strike


Posts on name-and-shame dark web leak sites climbed 85% in 2021


QNAP warns severe OpenSSL bug affects most of its NAS devices


Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread


Sophos Patches Critical RCE Bug Exploited in the Wild


State-backed hacking attacks are a big worry, but most firms don't know what to watch out for


The benefits of implementing continuous security in the development lifecycle