NEWS: March (27/03 - 02/04) - Week 13 of 2022
Cyber Security and Information Security News - Daily Updates !!

02/04
10 Leading Practices for Managing the Risk of Remote Access
Advanced Phishing Attacks Saw Twofold Increase in 2021
After massive New York City (NYC) student data breach, here are the steps you can take
Android spyware linked to Russian hackers tracks location, records audio
Bored Ape and other major NFT Discord servers targeted by scammers
Comelec: Smartmatic data breach not related to polls
Cyber Espionage Actor Deploying Malware Using Excel
Dark web trade in personal data on rise
Hackers linked to North Korea were suspected of carrying out a cyberattack on South Korea
Hunting for Spring Core Exploitation
Is the end nigh for end-to-end encryption?
Millions Drained From Ethereum DeFi Protocol Inverse Finance
Norton Phishing Scam Uses Personal Info to Steal Money from Victims
Password Stealing BlackGuard Malware Sold In Russian Hacking Forum Targets A Ton Of Apps
Protect your printer by keeping the firmware up to date
Scammers are texting you from your own number now — here’s what to do if that happens
Scammers Hacked the Project Bots of Bored Ape and Other NFT Discords on April Fools Day
Spring4Shell: Spring Remote Code Execution Vulnerability
Teenage hackers trick Facebook and Apple into giving up data – Are you at risk?
This fake Norton antivirus email could really ruin your weekend
UK charges two teenagers linked to the Lapsus$ hacking group
Warnings Issued to Private Businesses, Citizens About Potential Cyber Attacks
Web3 Is Supposed to Be Secure. What About All These Hacks?
01/04
$72 million lost in mobile app ad fraud: AppsFlyer
A Former Teen Hacker Explains Why It’s So Hard to Stop Teen Hackers
Accelerating awareness in a new era of cybercrime
AcidRain, a wiper that crippled routers and modems in Europe
Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked
Apple Rushes Out Patches for 0-Days in MacOS, iOS
Microsoft help files disguise Vidar malware
'Back from vacation': Lapsus$ now claims to have data from an Apple partner
Beastmode botnet boosts DDoS power with new router exploits
‘Cadbury Easter Egg Hunt’ Scam Circulates on WhatsApp
California health plan facing network disruptions after alleged Hive ransomware attack
Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit
Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit
CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog
Cloud native application security is a critical priority, risk perception is worryingly low
Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code
Critical GitLab vulnerability lets attackers take over accounts
Data Breach Alert: Condor Earth Technologies, Inc.
Data Breach Alert: SuperCare Health
EU draft law adds security checks to all crypto transactions
FBI: Ransomware attacks are piling up the pressure on public services
Flaws in Wyze cam devices allow their complete takeover
GEBE investigating cyberattack, says efforts focused on minimising impact
Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE
Government workers rely on Microsoft. That could be a security problem, Google claims
Hackers are taking aim at food companies
Hackers have found a clever new way to steal your Microsoft 365 credentials
House Passes Better Cybercrime Metrics Act
How Restaurant Operators Can Defend Against Ransomware
Increase in Cyber-Attacks Leads to Influx of New Reporting Obligations
Ireland: More than €22 million stolen by fraudsters in bank account takeovers in 2021
IT And OT Convergence Need Holistic Cybersecurity Protection
IT Services Giant Admits $42m Fallout from Ransomware Attack
JavaScript security: The importance of prioritizing the client side
Making security mistakes may come with a high price for employees
Microsoft adds Windows 11 upgrade block due to IE11 known issue
Modem-wiping malware was behind Viasat cyberattack
Nigerian Arrested in India for Involvement in N665m Bank Scam
North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto
One in four employees who made security mistakes lost their job
Over Half of Data Security Incidents Caused by Insiders
Pfizer asks hourly staffers to return overpayments in aftermath of vendor's cyberattack: reports
Phishing email offers students financially impacted by COVID-19 up to $4,000 in financial aid
Ransomware attacks straining local governments, public services
Ransomware Gangs Claim Health Plan and Healthcare Provider Attacked
Ransomware Payments Hit Record Highs in 2021
Recent cyberattack against Iberdrola affects the data of 1.3 million customers
Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition
Russian-linked Android malware records audio, tracks your location
Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems
Sitel on Okta breach: "spreadsheet" did not contain passwords
Spokane Regional Health District Announces Second Phishing Attack in 3 Months
Spring4Shell: New info and fixes (CVE-2022-22965)
SunVia bets that controlling your own identity will make the metaverse successful
Tesco shoppers urged to delete scam email immediately from inbox
The spectre of Stuxnet: CISA issues alert on Rockwell Automation ICS vulnerabilities
Trend Micro fixes actively exploited remote code execution bug
UK Spy Chief Hails Government Cell Tackling Kremlin Fake News
Viasat Confirms 'AcidRain' Malware Could Have Wiped Modems
Vishing Continues to be a Risk Worth Assessing
Zero trust in business cyber security
Zyxel fixes a critical bug in its business firewall and VPN devices
Zyxel urges customers to patch critical firewall bypass vulnerability
We need an industry-backed, tech-neutral resource to restore trust in voice communications
31/03
17 tips to keep you safe from phishing schemes
57% of people can’t recall if they ever backed up their important documents
About 1,300 Catholic Health patients affected by email security incident at vendor
Apple emergency update fixes zero-days used to hack iPhones, Macs
Australia's second tranche of cyber laws passes both Houses
Average UK cyberattack cost £4,200 last year
Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks
Botnet attacks: How bad bots can impact your enterprise
Brand Exposure: How Exposed Personal Data Impacts Corporate Digital Risk
Bugs in Wyze Cams Could Let Attackers Takeover Devices and Access Video Feeds
Chinese hacking group uses new 'Fire Chili' Windows rootkit
Connecticut’s Bradley Airport Website Hit by Cyberattack
Cyber-Attack on California Healthcare Organization
Cyber Security Breaches Survey 2022
Cybersecurity managers with a direct line to executive boards set the tone for investment: Study
Cybersecurity readiness for CII deemed critical
DDoS attacks becoming larger and more complex, finance most targeted sector
Deploying pseudonymization techniques to protect health data
DPRK hackers go after crypto assets using trojanized DeFi Wallet app
FBI efforts to disrupt business email compromise scams leads to 65 arrests
FBI Warns of Phishing Attacks Targeting US Election Officials
Financial advice industry gets hard word on cyber security
Globant admits to data breach after Lapsus$ releases source code
Globe Telecom flags new phishing scams
Google: Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts
Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks
Hive ransomware group claims Partnership HealthPlan of California data breach
Know Your Ransomware Enemy: Getting Inside the Mind of a Hacker
Lack of CLM maturity is putting organizations at risk
Linux secure networking security bug found and fixed
List of data breaches and cyber attacks in March 2022 – 3.99 million records breached
‘Low’ threat of cyber attack on Ireland but ransomware risk is high, says top official
Mahesh Bank was easy pickings for hacker
Meet BlackGuard: a new infostealer peddled on Russian hacker forums
Microsoft: These are the Windows Update policies to use for your PCs (and rollercoasters)
New BlackGuard password-stealing malware sold on hacker forums
New York City wants an FBI investigation into the data breach that affected 820,000 students
No Patch Available Yet for Critical SpringShell Bug
On World Backup Day, overconfidence a worrying trend among organizations
Palo Alto Networks error exposed customer support cases, attachments
QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug
Ransomware payments increased 78% last year
Reducing Critical Infrastructure Risk From End-of-Life Software
Safe Mode Is A Growing Attack Surface For Bad Actors
Samsung’s Advanced Chip Technologies Stolen In Data Breach
Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework
Spring4Shell: No need to panic, but mitigations are advised
The current state of enterprise backup and recovery
The volume of DDoS attacks from compromised IoT devices rose significantly in March
Ukraine Leaks Personal Details of 620 Alleged FSB Agents
US healthcare data breach impacts 85,000 law enforcement officers
Viasat confirms satellite modems were wiped with AcidRain malware
Where should companies start when it comes to device security?
Why do organizations need to prioritize cyber resiliency?
WorldBackupDay: 5 Backup Tips to Retain Critical Data Following a Ransomware Attack
30/03
A Look Inside Biden's Spending Proposals for HHS Agencies
A Third of UK Businesses Experience Cyber-Attacks at Least Once a Week
As Lapsus$ comes back from 'vacation,' Sitel clarifies position on data breach
Attackers Steal $618m From Crypto Firm
Crypto Hackers Exploit Ronin Network for $615 Million
Design, prioritize, and implement a cyber defense program with CIS CDM 2.0
Despite Arrests, Lapsus$ Adds Globant to Victim List
Electric Vehicle DC charging tripped by a wireless hack
FBI disrupts BEC cybercrime gangs targeting victims worldwide
FBI Investigating More than 100 Ransomware Variants
Get an extra 50% off these 10 ethical hacking e-learning bundles
Globant confirms hack after Lapsus$ leaks 70GB of stolen data
Google: Russian phishing attacks target NATO, European military
Hacker stole more than US$ 600 million from Ronin. What happens now?
Hive ransomware uses new 'IPfuscation' trick to hide payload
Honda's Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles
How hard is it to address Apple’s in-app deletion requirements and implement privacy compliance?
How to recruit cybersecurity talent from atypical backgrounds
Infosecurity Europe Unveils Keynote Speakers for 2022 Event
IoT warning: Hackers are gaining access to UPS devices. Here's how to protect yours
ISH Tecnologia suffers its first setback after failing to defend the Sebrae network from a cyberattack
LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data
Log4Shell Used in a Third of Malware Infections
Mars Stealer malware pushed via Google Ads and phishing emails
Mazda Infotainment Crash Shows How Fragile Car Security Really Is
NCSC: Time to Rethink Russian Supply Chain Risks
New Research Claims Biden's Disclosure Deadlines Are Unrealistic
New Spring Java framework zero-day allows remote code execution
Okta Breach Timeline, Attack Method Analyzed
Partnership Health Plan of California IT Systems Still Down
Personal Data of 820,000 NYC Students Exposed
Phishing campaign targets Russian govt dissidents with Cobalt Strike
Posts on name-and-shame dark web leak sites climbed 85% in 2021
QNAP warns severe OpenSSL bug affects most of its NAS devices
Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread
Sophos Patches Critical RCE Bug Exploited in the Wild
State-backed hacking attacks are a big worry, but most firms don't know what to watch out for
The benefits of implementing continuous security in the development lifecycle