top of page

NEWS: Março (27/03 - 02/04) - 13 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!


10 Leading Practices for Managing the Risk of Remote Access

Advanced Phishing Attacks Saw Twofold Increase in 2021

After massive New York City (NYC) student data breach, here are the steps you can take

Android spyware linked to Russian hackers tracks location, records audio

Bored Ape and other major NFT Discord servers targeted by scammers

Comelec: Smartmatic data breach not related to polls

Cyber Espionage Actor Deploying Malware Using Excel

Dark web trade in personal data on rise

Hackers linked to North Korea were suspected of carrying out a cyberattack on South Korea

Hunting for Spring Core Exploitation

Is the end nigh for end-to-end encryption?

Millions Drained From Ethereum DeFi Protocol Inverse Finance

Norton Phishing Scam Uses Personal Info to Steal Money from Victims

Password Stealing BlackGuard Malware Sold In Russian Hacking Forum Targets A Ton Of Apps

Protect your printer by keeping the firmware up to date

Scammers are texting you from your own number now — here’s what to do if that happens

Scammers Hacked the Project Bots of Bored Ape and Other NFT Discords on April Fools Day

Spring4Shell: Spring Remote Code Execution Vulnerability

Teenage hackers trick Facebook and Apple into giving up data – Are you at risk?

This fake Norton antivirus email could really ruin your weekend

UK charges two teenagers linked to the Lapsus$ hacking group

US Health Provider Law Enforcement Health Benefits (LEHB) Hit by Ransomware Attack, Network Compromised

Warnings Issued to Private Businesses, Citizens About Potential Cyber Attacks

Web3 Is Supposed to Be Secure. What About All These Hacks?


$72 million lost in mobile app ad fraud: AppsFlyer

A Former Teen Hacker Explains Why It’s So Hard to Stop Teen Hackers

Accelerating awareness in a new era of cybercrime

AcidRain, a wiper that crippled routers and modems in Europe

Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked

Apple Rushes Out Patches for 0-Days in MacOS, iOS

Arquivos de ajuda da Microsoft disfarçam o malware Vidar

'Back from vacation': Lapsus$ now claims to have data from an Apple partner

Beastmode botnet boosts DDoS power with new router exploits

‘Cadbury Easter Egg Hunt’ Scam Circulates on WhatsApp

California health plan facing network disruptions after alleged Hive ransomware attack

Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog

Cloud native application security is a critical priority, risk perception is worryingly low

Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code

Critical GitLab vulnerability lets attackers take over accounts

Data Breach Alert: Condor Earth Technologies, Inc.

Data Breach Alert: SuperCare Health

Executives for Health Innovation (EHI) Provides Guidance for Protecting non-HIPAA-Covered Health Data

EU draft law adds security checks to all crypto transactions

FBI: Ransomware attacks are piling up the pressure on public services

Flaws in Wyze cam devices allow their complete takeover

GEBE investigating cyberattack, says efforts focused on minimising impact

Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE

Government workers rely on Microsoft. That could be a security problem, Google claims

Hackers are taking aim at food companies

Hackers have found a clever new way to steal your Microsoft 365 credentials

House Passes Better Cybercrime Metrics Act

How Restaurant Operators Can Defend Against Ransomware

Increase in Cyber-Attacks Leads to Influx of New Reporting Obligations

Ireland: More than €22 million stolen by fraudsters in bank account takeovers in 2021

IT And OT Convergence Need Holistic Cybersecurity Protection

IT Services Giant Admits $42m Fallout from Ransomware Attack

JavaScript security: The importance of prioritizing the client side

Making security mistakes may come with a high price for employees

Microsoft adds Windows 11 upgrade block due to IE11 known issue

Modem-wiping malware was behind Viasat cyberattack

Nigerian Arrested in India for Involvement in N665m Bank Scam

North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto

One in four employees who made security mistakes lost their job

Over Half of Data Security Incidents Caused by Insiders

Pfizer asks hourly staffers to return overpayments in aftermath of vendor's cyberattack: reports

Phishing email offers students financially impacted by COVID-19 up to $4,000 in financial aid

Protecting and Transforming Cyber Health Care (PATCH) Act seeks to shore up security for medical devices, IoT networks

Ransomware attacks straining local governments, public services

Ransomware Gangs Claim Health Plan and Healthcare Provider Attacked

Ransomware Payments Hit Record Highs in 2021

Recent cyberattack against Iberdrola affects the data of 1.3 million customers

Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

Russian-linked Android malware records audio, tracks your location

Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems

Sitel on Okta breach: "spreadsheet" did not contain passwords

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

Spring4Shell: New info and fixes (CVE-2022-22965)

SunVia bets that controlling your own identity will make the metaverse successful

Tesco shoppers urged to delete scam email immediately from inbox

The spectre of Stuxnet: CISA issues alert on Rockwell Automation ICS vulnerabilities

Trend Micro fixes actively exploited remote code execution bug

Two teenagers charged in connection with investigation into hacking group, says City of London police

UK Spy Chief Hails Government Cell Tackling Kremlin Fake News

Viasat Confirms 'AcidRain' Malware Could Have Wiped Modems

Vishing Continues to be a Risk Worth Assessing

Zero trust in business cyber security

Zyxel fixes a critical bug in its business firewall and VPN devices

Zyxel urges customers to patch critical firewall bypass vulnerability

We need an industry-backed, tech-neutral resource to restore trust in voice communications


17 tips to keep you safe from phishing schemes

57% of people can’t recall if they ever backed up their important documents

2022 World Backup Day

About 1,300 Catholic Health patients affected by email security incident at vendor

Apple emergency update fixes zero-days used to hack iPhones, Macs

Australia's second tranche of cyber laws passes both Houses

Average UK cyberattack cost £4,200 last year

Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks

Botnet attacks: How bad bots can impact your enterprise

Brand Exposure: How Exposed Personal Data Impacts Corporate Digital Risk

Bugs in Wyze Cams Could Let Attackers Takeover Devices and Access Video Feeds

Chinese hacking group uses new 'Fire Chili' Windows rootkit

CISA Issues UPS Warning

Connecticut’s Bradley Airport Website Hit by Cyberattack

Cyber-Attack on California Healthcare Organization

Cyber Security Breaches Survey 2022

Cybersecurity managers with a direct line to executive boards set the tone for investment: Study

Cybersecurity readiness for CII deemed critical

DDoS attacks becoming larger and more complex, finance most targeted sector

Deploying pseudonymization techniques to protect health data

DPRK hackers go after crypto assets using trojanized DeFi Wallet app

FBI efforts to disrupt business email compromise scams leads to 65 arrests

FBI Warns of Phishing Attacks Targeting US Election Officials

Financial advice industry gets hard word on cyber security

Globant admits to data breach after Lapsus$ releases source code

Globe Telecom flags new phishing scams

Google: Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts

Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks

Hive ransomware group claims Partnership HealthPlan of California data breach

Know Your Ransomware Enemy: Getting Inside the Mind of a Hacker

Lack of CLM maturity is putting organizations at risk

Linux secure networking security bug found and fixed

List of data breaches and cyber attacks in March 2022 – 3.99 million records breached

‘Low’ threat of cyber attack on Ireland but ransomware risk is high, says top official

Mahesh Bank was easy pickings for hacker

Meet BlackGuard: a new infostealer peddled on Russian hacker forums

Microsoft: These are the Windows Update policies to use for your PCs (and rollercoasters)

New BlackGuard password-stealing malware sold on hacker forums

New York City wants an FBI investigation into the data breach that affected 820,000 students

No Patch Available Yet for Critical SpringShell Bug

On World Backup Day, overconfidence a worrying trend among organizations

Palo Alto Networks error exposed customer support cases, attachments

PayPal Text Message Scam

QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug

Ransomware payments increased 78% last year

Red flag for ransomware: attackers are using Log4Shell vulnerability to deliver backdoors to virtual servers, Sophos research shows

Reducing Critical Infrastructure Risk From End-of-Life Software

Safe Mode Is A Growing Attack Surface For Bad Actors

Samsung’s Advanced Chip Technologies Stolen In Data Breach

Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework

Spring4Shell: No need to panic, but mitigations are advised

The current state of enterprise backup and recovery

The volume of DDoS attacks from compromised IoT devices rose significantly in March

Ukraine Leaks Personal Details of 620 Alleged FSB Agents

US healthcare data breach impacts 85,000 law enforcement officers

Viasat confirms satellite modems were wiped with AcidRain malware

Where should companies start when it comes to device security?

Why do organizations need to prioritize cyber resiliency?

WorldBackupDay: 5 Backup Tips to Retain Critical Data Following a Ransomware Attack


A Look Inside Biden's Spending Proposals for HHS Agencies

A Third of UK Businesses Experience Cyber-Attacks at Least Once a Week

As Lapsus$ comes back from 'vacation,' Sitel clarifies position on data breach

Attackers Steal $618m From Crypto Firm

Crypto Hackers Exploit Ronin Network for $615 Million

Design, prioritize, and implement a cyber defense program with CIS CDM 2.0

Despite Arrests, Lapsus$ Adds Globant to Victim List

Electric Vehicle DC charging tripped by a wireless hack

FBI disrupts BEC cybercrime gangs targeting victims worldwide

FBI Investigating More than 100 Ransomware Variants

Get an extra 50% off these 10 ethical hacking e-learning bundles

Globant confirms hack after Lapsus$ leaks 70GB of stolen data

Google: Russian phishing attacks target NATO, European military

Hacker roubou mais de US$ 600 milhões da Ronin. O que acontece agora?

Hive ransomware uses new 'IPfuscation' trick to hide payload

Honda's Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles

How hard is it to address Apple’s in-app deletion requirements and implement privacy compliance?

How to recruit cybersecurity talent from atypical backgrounds

Infosecurity Europe Unveils Keynote Speakers for 2022 Event

IoT warning: Hackers are gaining access to UPS devices. Here's how to protect yours

ISH Tecnologia sofre o primeiro revés ao não conseguir defender a rede Sebrae de ataque cibernético

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data

Log4Shell Used in a Third of Malware Infections

Mars Stealer malware pushed via Google Ads and phishing emails

Mazda Infotainment Crash Shows How Fragile Car Security Really Is

NCSC: Time to Rethink Russian Supply Chain Risks

New Research Claims Biden's Disclosure Deadlines Are Unrealistic

New Spring Java framework zero-day allows remote code execution

Okta Breach Timeline, Attack Method Analyzed

Partnership Health Plan of California IT Systems Still Down

Personal Data of 820,000 NYC Students Exposed

Phishing campaign targets Russian govt dissidents with Cobalt Strike

Posts on name-and-shame dark web leak sites climbed 85% in 2021

QNAP warns severe OpenSSL bug affects most of its NAS devices

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread

Sophos Patches Critical RCE Bug Exploited in the Wild

State-backed hacking attacks are a big worry, but most firms don't know what to watch out for

The benefits of implementing continuous security in the development lifecycle

This new ransomware targets data visualization tool Jupyter Notebook

Tribunal Federal da 3ª Região, em São Paulo, é alvo de ataque hacker e tem trabalhos suspensos nesta quarta

Two-factor authentication is a great idea. But not enough people are using it

Ubiquiti sues Krebs on Security for defamation

Ukrainian software developers share their stories and photos from the war zone

US national emergency extended due to elevated malicious cyber activity

Viasat: Feb. cyber attack impacted tens of thousands of customers in Ukraine, Europe

Viasat spills on the Russian attack, warns of continued risks

Viasat Traces Outage to Exploit of VPN Misconfiguration

VMware Horizon platform pummeled by Log4j-fueled attacks

Web3 and the future of data portability: Rethinking user experiences and incentives on the internet


82% of Public Sector Applications Contain Security Flaws

$620 million in crypto stolen from Axie Infinity's Ronin bridge

$625M stolen from Axie Infinity ‘s Ronin bridge, the largest ever crypto hack

2021 COVID bounce: Malware has returned with a vengeance

A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages

Attackers are exploiting recently patched RCE in Sophos Firewall (CVE-2022-1040)

Australian Budget 2022 delivers AU$9.9 billion for spicy cyber

CISA adds Chrome, Redis bugs to the Known Exploited Vulnerabilities Catalog

CISA warns of attacks targeting Internet-connected UPS devices

Compromised WordPress sites launch DDoS on Ukrainian websites

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation

Dental Practice Fined for Sharing Patient Data on Social Media

European Police Bust Multimillion-Dollar Investment Fraud Gang

Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation

FBI warns election officials of credential phishing attacks

Hackers are getting faster at exploiting zero day flaws. That's going to be a problem for everyone

Hackers use modified MFA tool against Indian govt employees

How to Disrupt the Web Attack Lifecycle

Log4Shell exploited to infect VMware Horizon servers with backdoors, crypto miners

Mars Stealer malware pushed via OpenOffice ads on Google

New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials

New Malware Loader 'Verblecon' Infects Hacked PCs with Cryptocurrency Miners

New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack

Not enough businesses have a formal ransomware plan in place

Privid: A Privacy-Preserving Surveillance Video Analytics System

Ransomware, Malware, Phishing Top List of IT Security Concerns

Sanctions Hitting Russian Cyber-Criminals Hard

Security Incidents Reported to FCA Surge 52% in 2021

Shutterfly discloses data breach after Conti ransomware attack

Singapore offers certification scheme to tag companies with robust security posture

Subdomain takeover attacks on the rise and harder to monitor

The Israeli cybersecurity funding landscape in the past year

The security gaps that can be exposed by cybersecurity asset management

Transparent Tribe APT returns to strike India's government and military

Ukraine Suffers Significant Internet Disruption Following Cyber-Attack

Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure

Using Russian tech? It's time to look at the risks again, says cybersecurity chief

Verblecon malware loader used in stealthy crypto mining attacks

What Does it Mean to Be Zero-Day?

What is credential stuffing? And how to prevent it?

What’s stopping organizations from becoming data-driven?

With Great 5G Power Comes Great Responsibility

Wyze Cam flaw lets hackers remotely access your saved videos

Yandex is Sending iOS Users' Data to Russia


5 old social engineering tricks employees still fall for, and 4 new gotchas

Anonymous Claimed Data Leak to Force Nestlé Out of Russia

Beware of old and new tax-themed scams and schemes

Chrome and Edge hit with V8 type confusion vulnerability with in-the-wild exploit

CISA: Here are 66 more security flaws actively being used by hackers - so get patching

Cloud-native adoption shifts security responsibility across teams

Cyber Incident Reporting Act: What it means for your organization

Cyber security risks and companies’ readiness

Cybercriminals launched 9.75 million DDoS attacks in 2021

Cybersecurity is everyone's responsibility

Deadline passes for R220m extortion demand in TransUnion cyber attack

Emerging mobile threat

Ethical hackers ‘hit the jackpot’ as tech groups pay for protection

Extended Threat Intelligence: A new approach to old school threat intelligence

Fastest ransomware found to encrypt 53GB of data in just over four minutes

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware

How scammers posing as SingPost trick victims with SMSes, fake sites

Hundreds more packages found in malicious npm 'factory'

Is Your Business Ready to Deal with the Impact of a Cyber-Incident?

Japanese firms face growing cybersecurity risks amid war in Ukraine

Man linked to multi-million dollar ransomware attacks gets 66 months in prison for online fraud

Microsoft Exchange targeted for IcedID reply-chain hijacking attacks

Morgan Stanley Wealth Management accounts breached in ‘vishing’ attacks

New report suggests Ransomware payments skyrocketed in 2021

Okta: We made a mistake over Lapsus$ breach notification

'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks

Ransomware Attacks Soar by 100% in 2021

Ransomware groups are driving Active Directory exploitation to unacceptable rates

Report outlines cost of data breach on enterprises, SMBs in 2021

Senators Introduce Healthcare Cybersecurity Act

Sophos patches critical remote code execution vulnerability in Firewall

STELCO hit with ransomware attack; interrupts services

SunCrypt ransomware is still alive and kicking in 2022

The Cloud as the New Data Center: What it Means for Security

TransUnion hack: Deadline passes for R220m extortion demand

UK ransomware attacks double in past year

US Proposes Healthcare Cybersecurity Act

Washington Health District Suffers Another Data Breach

Who is LAPSUS$, the Big, Bad Cybercrime Gang Hacking Tech’s Biggest Companies?

Zero-day Attacks Doubled in 2021


Bad Actors Can Now Obtain Dangerous Cyber Attack Kits On The Dark Web For Less Than $50

Critical Sophos Firewall vulnerability allows remote code execution

Cybercriminal Connected to Multimillion Dollar Ransomware Attacks Sentenced for Online Fraud Schemes

Delivering and securing security solutions on the edge

Greek Institutions Hit by Hackers Disrupting Services, Seeking Ransom

Hive ransomware ports its Linux VMware ESXi encryptor to Rust

How criminals can use stolen data from the TransUnion hack

How North Korean Cyberattacks Threaten the Developing World

HOW to spot and avoid common online scams

Identifying Crypto Scams and General Advice on Avoiding Them

In 2022, Cyberthreats and Ransomware will be a challenge for organizations of all sizes

Marshalls internet service hit by cyber attack

Network Security- Don’t Be The Next Target: Tips To Keep Your Business Safe!

Nimhans sees ransomware attack; IT cell checks spread

Okta: "We made a mistake" delaying the Lapsus$ hack disclosure

'Preparation, not panic': Top US cyber official asks Americans to look out for Russian hacking efforts

The Philippines: National Privacy Commission (NPC) mulls P5 million limit on fines for data breaches

These Phishing Tactics Disguised as 'Fun' on Social Media. Here's What to Look For

Top ten unique cyberattacks in 2022

TransUnion says at least three million people affected by data breach

What Can Hackers do With Stolen Information?

NEWS: Março (20/03 - 26/03) - 11 Semana de 2022

Who am I...

Apenas um amante da tecnologia e da Segurança da Informação. Hacker ? Até que prove ao contrário não.. Profissional ? Sim.. Mais de 20 anos no mercado de Segurança da Informação sempre atuando em grandes Empresas.


Levantando a bandeira de que hacker é um profissional e especialista naquilo que ele faz. Hacker é um especialista, um pesquisador, um profissional como outro qualquer.

Skatista, músico e fotógrafo de instagram nas horas vagas....

Procurar por Tags
Pelo Mundo Afora...
  • Twitter Social Icon
  • LinkedIn Social Icon
bottom of page