NEWS: March (27/03 - 02/04) - Week 13 of 2022

Cyber Security and Information Security News - Daily Updates!

02/04


10 Leading Practices for Managing the Risk of Remote Access


Advanced Phishing Attacks Saw Twofold Increase in 2021


After massive New York City (NYC) student data breach, here are the steps you can take


Android spyware linked to Russian hackers tracks location, records audio


Bored Ape and other major NFT Discord servers targeted by scammers


Comelec: Smartmatic data breach not related to polls


Cyber Espionage Actor Deploying Malware Using Excel


Dark web trade in personal data on rise


Hackers linked to North Korea were suspected of carrying out a cyberattack on South Korea


Hunting for Spring Core Exploitation


Is the end nigh for end-to-end encryption?


Millions Drained From Ethereum DeFi Protocol Inverse Finance


Norton Phishing Scam Uses Personal Info to Steal Money from Victims


Password Stealing BlackGuard Malware Sold In Russian Hacking Forum Targets A Ton Of Apps


Protect your printer by keeping the firmware up to date


Scammers are texting you from your own number now — here’s what to do if that happens


Scammers Hacked the Project Bots of Bored Ape and Other NFT Discords on April Fools Day


Spring4Shell: Spring Remote Code Execution Vulnerability


Teenage hackers trick Facebook and Apple into giving up data – Are you at risk?


This fake Norton antivirus email could really ruin your weekend


UK charges two teenagers linked to the Lapsus$ hacking group


US Health Provider Law Enforcement Health Benefits (LEHB) Hit by Ransomware Attack, Network Compromised


Warnings Issued to Private Businesses, Citizens About Potential Cyber Attacks


Web3 Is Supposed to Be Secure. What About All These Hacks?


01/04


$72 million lost in mobile app ad fraud: AppsFlyer


A Former Teen Hacker Explains Why It’s So Hard to Stop Teen Hackers


Accelerating awareness in a new era of cybercrime


AcidRain, a wiper that crippled routers and modems in Europe


Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked


Apple Rushes Out Patches for 0-Days in MacOS, iOS


Microsoft help files disguise the Vidar malware


'Back from vacation': Lapsus$ now claims to have data from an Apple partner


Beastmode botnet boosts DDoS power with new router exploits


‘Cadbury Easter Egg Hunt’ Scam Circulates on WhatsApp


California health plan facing network disruptions after alleged Hive ransomware attack


Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit


Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit


CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog


Cloud native application security is a critical priority, risk perception is worryingly low


Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code


Critical GitLab vulnerability lets attackers take over accounts


Data Breach Alert: Condor Earth Technologies, Inc.


Data Breach Alert: SuperCare Health


Executives for Health Innovation (EHI) Provides Guidance for Protecting non-HIPAA-Covered Health Data


EU draft law adds security checks to all crypto transactions


FBI: Ransomware attacks are piling up the pressure on public services


Flaws in Wyze cam devices allow their complete takeover


GEBE investigating cyberattack, says efforts focused on minimising impact


Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE


Government workers rely on Microsoft. That could be a security problem, Google claims


Hackers are taking aim at food companies


Hackers have found a clever new way to steal your Microsoft 365 credentials


House Passes Better Cybercrime Metrics Act


How Restaurant Operators Can Defend Against Ransomware


Increase in Cyber-Attacks Leads to Influx of New Reporting Obligations


Ireland: More than €22 million stolen by fraudsters in bank account takeovers in 2021


IT And OT Convergence Need Holistic Cybersecurity Protection


IT Services Giant Admits $42m Fallout from Ransomware Attack


JavaScript security: The importance of prioritizing the client side


Making security mistakes may come with a high price for employees


Microsoft adds Windows 11 upgrade block due to IE11 known issue


Modem-wiping malware was behind Viasat cyberattack


Nigerian Arrested in India for Involvement in N665m Bank Scam


North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto


One in four employees who made security mistakes lost their job


Over Half of Data Security Incidents Caused by Insiders


Pfizer asks hourly staffers to return overpayments in aftermath of vendor's cyberattack: reports


Phishing email offers students financially impacted by COVID-19 up to $4,000 in financial aid


Protecting and Transforming Cyber Health Care (PATCH) Act seeks to shore up security for medical devices, IoT networks


Ransomware attacks straining local governments, public services


Ransomware Gangs Claim Health Plan and Healthcare Provider Attacked


Ransomware Payments Hit Record Highs in 2021


Recent cyberattack against Iberdrola affects the data of 1.3 million customers


Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition


Russian-linked Android malware records audio, tracks your location


Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems


Sitel on Okta breach: "spreadsheet" did not contain passwords


Spokane Regional Health District Announces Second Phishing Attack in 3 Months


Spring4Shell: New info and fixes (CVE-2022-22965)


SunVia bets that controlling your own identity will make the metaverse successful


Tesco shoppers urged to delete scam email immediately from inbox


The spectre of Stuxnet: CISA issues alert on Rockwell Automation ICS vulnerabilities


Trend Micro fixes actively exploited remote code execution bug


Two teenagers charged in connection with investigation into hacking group, says City of London police


UK Spy Chief Hails Government Cell Tackling Kremlin Fake News


Viasat Confirms 'AcidRain' Malware Could Have Wiped Modems


Vishing Continues to be a Risk Worth Assessing


Zero trust in business cyber security


Zyxel fixes a critical bug in its business firewall and VPN devices


Zyxel urges customers to patch critical firewall bypass vulnerability


We need an industry-backed, tech-neutral resource to restore trust in voice communications



31/03


17 tips to keep you safe from phishing schemes


57% of people can’t recall if they ever backed up their important documents


2022 World Backup Day


About 1,300 Catholic Health patients affected by email security incident at vendor


Apple emergency update fixes zero-days used to hack iPhones, Macs


Australia's second tranche of cyber laws passes both Houses


Average UK cyberattack cost £4,200 last year


Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks


Botnet attacks: How bad bots can impact your enterprise


Brand Exposure: How Exposed Personal Data Impacts Corporate Digital Risk


Bugs in Wyze Cams Could Let Attackers Takeover Devices and Access Video Feeds


Chinese hacking group uses new 'Fire Chili' Windows rootkit


CISA Issues UPS Warning


Connecticut’s Bradley Airport Website Hit by Cyberattack


Cyber-Attack on California Healthcare Organization


Cyber Security Breaches Survey 2022


Cybersecurity managers with a direct line to executive boards set the tone for investment: Study


Cybersecurity readiness for CII deemed critical


DDoS attacks becoming larger and more complex, finance most targeted sector


Deploying pseudonymization techniques to protect health data


DPRK hackers go after crypto assets using trojanized DeFi Wallet app


FBI efforts to disrupt business email compromise scams leads to 65 arrests


FBI Warns of Phishing Attacks Targeting US Election Officials


Financial advice industry gets hard word on cyber security


Globant admits to data breach after Lapsus$ releases source code


Globe Telecom flags new phishing scams


Google: Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts


Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks


Hive ransomware group claims Partnership HealthPlan of California data breach


Know Your Ransomware Enemy: Getting Inside the Mind of a Hacker


Lack of CLM maturity is putting organizations at risk


Linux secure networking security bug found and fixed


List of data breaches and cyber attacks in March 2022 – 3.99 million records breached


‘Low’ threat of cyber attack on Ireland but ransomware risk is high, says top official


Mahesh Bank was easy pickings for hacker


Meet BlackGuard: a new infostealer peddled on Russian hacker forums


Microsoft: These are the Windows Update policies to use for your PCs (and rollercoasters)


New BlackGuard password-stealing malware sold on hacker forums


New York City wants an FBI investigation into the data breach that affected 820,000 students


No Patch Available Yet for Critical SpringShell Bug


On World Backup Day, overconfidence a worrying trend among organizations


Palo Alto Networks error exposed customer support cases, attachments


PayPal Text Message Scam


QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug


Ransomware payments increased 78% last year


Red flag for ransomware: attackers are using Log4Shell vulnerability to deliver backdoors to virtual servers, Sophos research shows


Reducing Critical Infrastructure Risk From End-of-Life Software


Safe Mode Is A Growing Attack Surface For Bad Actors


Samsung’s Advanced Chip Technologies Stolen In Data Breach


Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework


Spring4Shell: No need to panic, but mitigations are advised


The current state of enterprise backup and recovery


The volume of DDoS attacks from compromised IoT devices rose significantly in March


Ukraine Leaks Personal Details of 620 Alleged FSB Agents


US healthcare data breach impacts 85,000 law enforcement officers


Viasat confirms satellite modems were wiped with AcidRain malware


Where should companies start when it comes to device security?


Why do organizations need to prioritize cyber resiliency?


WorldBackupDay: 5 Backup Tips to Retain Critical Data Following a Ransomware Attack


30/03


A Look Inside Biden's Spending Proposals for HHS Agencies


A Third of UK Businesses Experience Cyber-Attacks at Least Once a Week


As Lapsus$ comes back from 'vacation,' Sitel clarifies position on data breach


Attackers Steal $618m From Crypto Firm


Crypto Hackers Exploit Ronin Network for $615 Million


Design, prioritize, and implement a cyber defense program with CIS CDM 2.0


Despite Arrests, Lapsus$ Adds Globant to Victim List


Electric Vehicle DC charging tripped by a wireless hack


FBI disrupts BEC cybercrime gangs targeting victims worldwide


FBI Investigating More than 100 Ransomware Variants


Get an extra 50% off these 10 ethical hacking e-learning bundles


Globant confirms hack after Lapsus$ leaks 70GB of stolen data


Google: Russian phishing attacks target NATO, European military


Hacker stole more than US$ 600 million from Ronin. What happens now?


Hive ransomware uses new 'IPfuscation' trick to hide payload


Honda's Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles


How hard is it to address Apple’s in-app deletion requirements and implement privacy compliance?


How to recruit cybersecurity talent from atypical backgrounds


Infosecurity Europe Unveils Keynote Speakers for 2022 Event


IoT warning: Hackers are gaining access to UPS devices. Here's how to protect yours


ISH Tecnologia suffers its first setback after failing to defend the Sebrae network from a cyberattack


LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data


Log4Shell Used in a Third of Malware Infections


Mars Stealer malware pushed via Google Ads and phishing emails


Mazda Infotainment Crash Shows How Fragile Car Security Really Is


NCSC: Time to Rethink Russian Supply Chain Risks


New Research Claims Biden's Disclosure Deadlines Are Unrealistic


New Spring Java framework zero-day allows remote code execution


Okta Breach Timeline, Attack Method Analyzed


Partnership Health Plan of California IT Systems Still Down


Personal Data of 820,000 NYC Students Exposed


Phishing campaign targets Russian govt dissidents with Cobalt Strike


Posts on name-and-shame dark web leak sites climbed 85% in 2021


QNAP warns severe OpenSSL bug affects most of its NAS devices


Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread


Sophos Patches Critical RCE Bug Exploited in the Wild


State-backed hacking attacks are a big worry, but most firms don't know what to watch out for


The benefits of implementing continuous security in the development lifecycle


This new ransomware targets data visualization tool Jupyter Notebook


Federal Court of the 3rd Region, in São Paulo, is the target of a hacker attack and has its work suspended this Wednesday


Two-factor authentication is a great idea. But not enough people are using it


Ubiquiti sues Krebs on Security for defamation


Ukrainian software developers share their stories and photos from the war zone


US national emergency extended due to elevated malicious cyber activity


Viasat: Feb. cyber attack impacted tens of thousands of customers in Ukraine, Europe


Viasat spills on the Russian attack, warns of continued risks


Viasat Traces Outage to Exploit of VPN Misconfiguration


VMware Horizon platform pummeled by Log4j-fueled attacks


Web3 and the future of data portability: Rethinking user experiences and incentives on the internet


29/03


82% of Public Sector Applications Contain Security Flaws


$620 million in crypto stolen from Axie Infinity's Ronin bridge


$625M stolen from Axie Infinity’s Ronin bridge, the largest ever crypto hack


2021 COVID bounce: Malware has returned with a vengeance


A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages


Attackers are exploiting recently patched RCE in Sophos Firewall (CVE-2022-1040)


Australian Budget 2022 delivers AU$9.9 billion for spicy cyber


CISA adds Chrome, Redis bugs to the Known Exploited Vulnerabilities Catalog


CISA warns of attacks targeting Internet-connected UPS devices


Compromised WordPress sites launch DDoS on Ukrainian websites


Critical Sophos Firewall RCE Vulnerability Under Active Exploitation


Dental Practice Fined for Sharing Patient Data on Social Media


European Police Bust Multimillion-Dollar Investment Fraud Gang


Experts Detail Virtual Machine Used by Wslink Malware Loader for Obfuscation


FBI warns election officials of credential phishing attacks


Hackers are getting faster at exploiting zero day flaws. That's going to be a problem for everyone


Hackers use modified MFA tool against Indian govt employees


How to Disrupt the Web Attack Lifecycle


Log4Shell exploited to infect VMware Horizon servers with backdoors, crypto miners


Mars Stealer malware pushed via OpenOffice ads on Google


New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials


New Malware Loader 'Verblecon' Infects Hacked PCs with Cryptocurrency Miners


New Report on Okta Hack Reveals the Entire Episode LAPSUS$ Attack


Not enough businesses have a formal ransomware plan in place


Privid: A Privacy-Preserving Surveillance Video Analytics System


Ransomware, Malware, Phishing Top List of IT Security Concerns


Sanctions Hitting Russian Cyber-Criminals Hard


Security Incidents Reported to FCA Surge 52% in 2021


Shutterfly discloses data breach after Conti ransomware attack


Singapore offers certification scheme to tag companies with robust security posture


Subdomain takeover attacks on the rise and harder to monitor


The Israeli cybersecurity funding landscape in the past year


The security gaps that can be exposed by cybersecurity asset management


Transparent Tribe APT returns to strike India's government and military


Ukraine Suffers Significant Internet Disruption Following Cyber-Attack


Ukrtelecom, a major mobile service and internet provider in Ukraine, foiled a “massive” cyberattack that hit its infrastructure


Using Russian tech? It's time to look at the risks again, says cybersecurity chief


Verblecon malware loader used in stealthy crypto mining attacks


What Does it Mean to Be Zero-Day?


What is credential stuffing? And how to prevent it?


What’s stopping organizations from becoming data-driven?


With Great 5G Power Comes Great Responsibility


Wyze Cam flaw lets hackers remotely access your saved videos


Yandex is Sending iOS Users' Data to Russia



28/03


5 old social engineering tricks employees still fall for, and 4 new gotchas


Anonymous Claimed Data Leak to Force Nestlé Out of Russia


Beware of old and new tax-themed scams and schemes


Chrome and Edge hit with V8 type confusion vulnerability with in-the-wild exploit


CISA: Here are 66 more security flaws actively being used by hackers - so get patching


Cloud-native adoption shifts security responsibility across teams


Cyber Incident Reporting Act: What it means for your organization


Cyber security risks and companies’ readiness


Cybercriminals launched 9.75 million DDoS attacks in 2021


Cybersecurity is everyone's responsibility


Deadline passes for R220m extortion demand in TransUnion cyber attack


Emerging mobile threat


Ethical hackers ‘hit the jackpot’ as tech groups pay for protection


Extended Threat Intelligence: A new approach to old school threat intelligence


Fastest ransomware found to encrypt 53GB of data in just over four minutes


Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread Malware


How scammers posing as SingPost trick victims with SMSes, fake sites


Hundreds more packages found in malicious npm 'factory'


Is Your Business Ready to Deal with the Impact of a Cyber-Incident?


Japanese firms face growing cybersecurity risks amid war in Ukraine


Man linked to multi-million dollar ransomware attacks gets 66 months in prison for online fraud


Microsoft Exchange targeted for IcedID reply-chain hijacking attacks


Morgan Stanley Wealth Management accounts breached in ‘vishing’ attacks


New report suggests Ransomware payments skyrocketed in 2021


Okta: We made a mistake over Lapsus$ breach notification


'Purple Fox' Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks


Ransomware Attacks Soar by 100% in 2021


Ransomware groups are driving Active Directory exploitation to unacceptable rates


Report outlines cost of data breach on enterprises, SMBs in 2021


Senators Introduce Healthcare Cybersecurity Act


Sophos patches critical remote code execution vulnerability in Firewall


STELCO hit with ransomware attack; interrupts services


SunCrypt ransomware is still alive and kicking in 2022


The Cloud as the New Data Center: What it Means for Security


TransUnion hack: Deadline passes for R220m extortion demand


UK ransomware attacks double in past year


US Proposes Healthcare Cybersecurity Act


Washington Health District Suffers Another Data Breach


Who is LAPSUS$, the Big, Bad Cybercrime Gang Hacking Tech’s Biggest Companies?


Zero-day Attacks Doubled in 2021


27/03


Bad Actors Can Now Obtain Dangerous Cyber Attack Kits On The Dark Web For Less Than $50


Critical Sophos Firewall vulnerability allows remote code execution


Cybercriminal Connected to Multimillion Dollar Ransomware Attacks Sentenced for Online Fraud Schemes


Delivering and securing security solutions on the edge


Greek Institutions Hit by Hackers Disrupting Services, Seeking Ransom


Hive ransomware ports its Linux VMware ESXi encryptor to Rust


How criminals can use stolen data from the TransUnion hack


How North Korean Cyberattacks Threaten the Developing World


How to spot and avoid common online scams


Identifying Crypto Scams and General Advice on Avoiding Them


In 2022, Cyberthreats and Ransomware will be a challenge for organizations of all sizes


Marshalls internet service hit by cyber attack


Network Security- Don’t Be The Next Target: Tips To Keep Your Business Safe!


Nimhans sees ransomware attack; IT cell checks spread


Okta: "We made a mistake" delaying the Lapsus$ hack disclosure


'Preparation, not panic': Top US cyber official asks Americans to look out for Russian hacking efforts


The Philippines: National Privacy Commission (NPC) mulls P5 million limit on fines for data breaches


These Phishing Tactics Disguised as 'Fun' on Social Media. Here's What to Look For


Top ten unique cyberattacks in 2022


TransUnion says at least three million people affected by data breach


What Can Hackers do With Stolen Information?





Who am I...

Just a lover of technology and Information Security. Hacker? Until proven otherwise, no. Professional? Yes. More than 20 years in the Information Security market, always working at large companies.

Raising the flag that a hacker is a professional and a specialist in what he does. A hacker is a specialist, a researcher, a professional like any other.

Skateboarder, musician and Instagram photographer in my spare time....
