
NEWS: March (27/03 - 02/04) - Week 13 of 2022

Cyber Security and Information Security News - Daily Updates !!


10 Leading Practices for Managing the Risk of Remote Access

Advanced Phishing Attacks Saw Twofold Increase in 2021

After massive New York City (NYC) student data breach, here are the steps you can take

Android spyware linked to Russian hackers tracks location, records audio

Bored Ape and other major NFT Discord servers targeted by scammers

Comelec: Smartmatic data breach not related to polls

Cyber Espionage Actor Deploying Malware Using Excel

Dark web trade in personal data on rise

Hackers linked to North Korea were suspected of carrying out a cyberattack on South Korea

Hunting for Spring Core Exploitation

Is the end nigh for end-to-end encryption?

Millions Drained From Ethereum DeFi Protocol Inverse Finance

Norton Phishing Scam Uses Personal Info to Steal Money from Victims

Password Stealing BlackGuard Malware Sold In Russian Hacking Forum Targets A Ton Of Apps

Protect your printer by keeping the firmware up to date

Scammers are texting you from your own number now — here’s what to do if that happens

Scammers Hacked the Project Bots of Bored Ape and Other NFT Discords on April Fools Day

Spring4Shell: Spring Remote Code Execution Vulnerability

Teenage hackers trick Facebook and Apple into giving up data – Are you at risk?

This fake Norton antivirus email could really ruin your weekend

UK charges two teenagers linked to the Lapsus$ hacking group

US Health Provider Law Enforcement Health Benefits (LEHB) Hit by Ransomware Attack, Network Compromised

Warnings Issued to Private Businesses, Citizens About Potential Cyber Attacks

Web3 Is Supposed to Be Secure. What About All These Hacks?


$72 million lost in mobile app ad fraud: AppsFlyer

A Former Teen Hacker Explains Why It’s So Hard to Stop Teen Hackers

Accelerating awareness in a new era of cybercrime

AcidRain, a wiper that crippled routers and modems in Europe

Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked

Apple Rushes Out Patches for 0-Days in MacOS, iOS

Microsoft help files disguise Vidar malware

'Back from vacation': Lapsus$ now claims to have data from an Apple partner

Beastmode botnet boosts DDoS power with new router exploits

‘Cadbury Easter Egg Hunt’ Scam Circulates on WhatsApp

California health plan facing network disruptions after alleged Hive ransomware attack

Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit

Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog

Cloud native application security is a critical priority, risk perception is worryingly low

Critical Bugs in Rockwell PLC Could Allow Hackers to Implant Malicious Code

Critical GitLab vulnerability lets attackers take over accounts

Data Breach Alert: Condor Earth Technologies, Inc.

Data Breach Alert: SuperCare Health

Executives for Health Innovation (EHI) Provides Guidance for Protecting non-HIPAA-Covered Health Data

EU draft law adds security checks to all crypto transactions

FBI: Ransomware attacks are piling up the pressure on public services

Flaws in Wyze cam devices allow their complete takeover

GEBE investigating cyberattack, says efforts focused on minimising impact

Google Opens new Ad-Targeting API—Topics, ‘Privacy Sandbox’ and FLEDGE

Government workers rely on Microsoft. That could be a security problem, Google claims

Hackers are taking aim at food companies

Hackers have found a clever new way to steal your Microsoft 365 credentials

House Passes Better Cybercrime Metrics Act

How Restaurant Operators Can Defend Against Ransomware

Increase in Cyber-Attacks Leads to Influx of New Reporting Obligations

Ireland: More than €22 million stolen by fraudsters in bank account takeovers in 2021

IT And OT Convergence Need Holistic Cybersecurity Protection

IT Services Giant Admits $42m Fallout from Ransomware Attack

JavaScript security: The importance of prioritizing the client side

Making security mistakes may come with a high price for employees

Microsoft adds Windows 11 upgrade block due to IE11 known issue

Modem-wiping malware was behind Viasat cyberattack

Nigerian Arrested in India for Involvement in N665m Bank Scam

North Korean Hackers Distributing Trojanized DeFi Wallet Apps to Steal Victims' Crypto

One in four employees who made security mistakes lost their job

Over Half of Data Security Incidents Caused by Insiders

Pfizer asks hourly staffers to return overpayments in aftermath of vendor's cyberattack: reports

Phishing email offers students financially impacted by COVID-19 up to $4,000 in financial aid

Protecting and Transforming Cyber Health Care (PATCH) Act seeks to shore up security for medical devices, IoT networks

Ransomware attacks straining local governments, public services

Ransomware Gangs Claim Health Plan and Healthcare Provider Attacked

Ransomware Payments Hit Record Highs in 2021

Recent cyberattack against Iberdrola affects the data of 1.3 million customers

Results Overview: 2022 MITRE ATT&CK Evaluation – Wizard Spider and Sandworm Edition

Russian-linked Android malware records audio, tracks your location

Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems

Sitel on Okta breach: "spreadsheet" did not contain passwords

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

Spring4Shell: New info and fixes (CVE-2022-22965)

SunVia bets that controlling your own identity will make the metaverse successful

Tesco shoppers urged to delete scam email immediately from inbox

The spectre of Stuxnet: CISA issues alert on Rockwell Automation ICS vulnerabilities

Trend Micro fixes actively exploited remote code execution bug

Two teenagers charged in connection with investigation into hacking group, says City of London police

UK Spy Chief Hails Government Cell Tackling Kremlin Fake News

Viasat Confirms 'AcidRain' Malware Could Have Wiped Modems

Vishing Continues to be a Risk Worth Assessing

Zero trust in business cyber security

Zyxel fixes a critical bug in its business firewall and VPN devices

Zyxel urges customers to patch critical firewall bypass vulnerability

We need an industry-backed, tech-neutral resource to restore trust in voice communications


17 tips to keep you safe from phishing schemes

57% of people can’t recall if they ever backed up their important documents

2022 World Backup Day

About 1,300 Catholic Health patients affected by email security incident at vendor

Apple emergency update fixes zero-days used to hack iPhones, Macs

Australia's second tranche of cyber laws passes both Houses

Average UK cyberattack cost £4,200 last year

Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks

Botnet attacks: How bad bots can impact your enterprise

Brand Exposure: How Exposed Personal Data Impacts Corporate Digital Risk

Bugs in Wyze Cams Could Let Attackers Takeover Devices and Access Video Feeds

Chinese hacking group uses new 'Fire Chili' Windows rootkit

CISA Issues UPS Warning

Connecticut’s Bradley Airport Website Hit by Cyberattack

Cyber-Attack on California Healthcare Organization

Cyber Security Breaches Survey 2022

Cybersecurity managers with a direct line to executive boards set the tone for investment: Study

Cybersecurity readiness for CII deemed critical

DDoS attacks becoming larger and more complex, finance most targeted sector

Deploying pseudonymization techniques to protect health data

DPRK hackers go after crypto assets using trojanized DeFi Wallet app

FBI efforts to disrupt business email compromise scams leads to 65 arrests

FBI Warns of Phishing Attacks Targeting US Election Officials

Financial advice industry gets hard word on cyber security

Globant admits to data breach after Lapsus$ releases source code

Globe Telecom flags new phishing scams

Google: Multiple hacking groups are using the war in Ukraine as a lure in phishing attempts

Hackers Increasingly Using 'Browser-in-the-Browser' Technique in Ukraine Related Attacks

Hive ransomware group claims Partnership HealthPlan of California data breach

Know Your Ransomware Enemy: Getting Inside the Mind of a Hacker

Lack of CLM maturity is putting organizations at risk

Linux secure networking security bug found and fixed

List of data breaches and cyber attacks in March 2022 – 3.99 million records breached

‘Low’ threat of cyber attack on Ireland but ransomware risk is high, says top official

Mahesh Bank was easy pickings for hacker

Meet BlackGuard: a new infostealer peddled on Russian hacker forums

Microsoft: These are the Windows Update policies to use for your PCs (and rollercoasters)

New BlackGuard password-stealing malware sold on hacker forums

New York City wants an FBI investigation into the data breach that affected 820,000 students

No Patch Available Yet for Critical SpringShell Bug

On World Backup Day, overconfidence a worrying trend among organizations

Palo Alto Networks error exposed customer support cases, attachments

PayPal Text Message Scam

QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug

Ransomware payments increased 78% last year

Red flag for ransomware: attackers are using Log4Shell vulnerability to deliver backdoors to virtual servers, Sophos research shows

Reducing Critical Infrastructure Risk From End-of-Life Software

Safe Mode Is A Growing Attack Surface For Bad Actors

Samsung’s Advanced Chip Technologies Stolen In Data Breach

Security Patch Releases for Critical Zero-Day Bug in Java Spring Framework

Spring4Shell: No need to panic, but mitigations are advised

The current state of enterprise backup and recovery

The volume of DDoS attacks from compromised IoT devices rose significantly in March

Ukraine Leaks Personal Details of 620 Alleged FSB Agents

US healthcare data breach impacts 85,000 law enforcement officers

Viasat confirms satellite modems were wiped with AcidRain malware

Where should companies start when it comes to device security?

Why do organizations need to prioritize cyber resiliency?

WorldBackupDay: 5 Backup Tips to Retain Critical Data Following a Ransomware Attack


A Look Inside Biden's Spending Proposals for HHS Agencies

A Third of UK Businesses Experience Cyber-Attacks at Least Once a Week

As Lapsus$ comes back from 'vacation,' Sitel clarifies position on data breach

Attackers Steal $618m From Crypto Firm

Crypto Hackers Exploit Ronin Network for $615 Million

Design, prioritize, and implement a cyber defense program with CIS CDM 2.0

Despite Arrests, Lapsus$ Adds Globant to Victim List

Electric Vehicle DC charging tripped by a wireless hack

FBI disrupts BEC cybercrime gangs targeting victims worldwide

FBI Investigating More than 100 Ransomware Variants

Get an extra 50% off these 10 ethical hacking e-learning bundles

Globant confirms hack after Lapsus$ leaks 70GB of stolen data

Google: Russian phishing attacks target NATO, European military

Hacker stole more than US$600 million from Ronin. What happens now?

Hive ransomware uses new 'IPfuscation' trick to hide payload

Honda's Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles

How hard is it to address Apple’s in-app deletion requirements and implement privacy compliance?

How to recruit cybersecurity talent from atypical backgrounds

Infosecurity Europe Unveils Keynote Speakers for 2022 Event

IoT warning: Hackers are gaining access to UPS devices. Here's how to protect yours

ISH Tecnologia suffers its first setback after failing to defend the Sebrae network from a cyberattack

LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data

Log4Shell Used in a Third of Malware Infections

Mars Stealer malware pushed via Google Ads and phishing emails

Mazda Infotainment Crash Shows How Fragile Car Security Really Is

NCSC: Time to Rethink Russian Supply Chain Risks

New Research Claims Biden's Disclosure Deadlines Are Unrealistic

New Spring Java framework zero-day allows remote code execution

Okta Breach Timeline, Attack Method Analyzed

Partnership Health Plan of California IT Systems Still Down

Personal Data of 820,000 NYC Students Exposed

Phishing campaign targets Russian govt dissidents with Cobalt Strike

Posts on name-and-shame dark web leak sites climbed 85% in 2021

QNAP warns severe OpenSSL bug affects most of its NAS devices

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread

Sophos Patches Critical RCE Bug Exploited in the Wild

State-backed hacking attacks are a big worry, but most firms don't know what to watch out for

The benefits of implementing continuous security in the development lifecycle