NEWS: Novembro (14/11 - 20/11) - 46 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!

20/11

$3.5B Worth of Crypto Seized by the IRS Cybercrime Unit in 2021 - Crypto Potato

Beware the Chinese Ransomware Attack With No Ransom - Asharq Al-Awsat

Diamond Looks To Returning Closer To Normal After Ransomware Attack - Bleeding Cool

Hackers flood FBI server with hoax messages - The Fiji Times

Hardcore gamers are more likely to suffer a cyberattack - TechRadar Pro

Intel processors are getting highly affected by flaws in BIOS - The Digital Hacker

Malware alert: Dozen plus Joker trojan-laced Android apps detected on Play Store - Deccan Herald

Microsoft Exchange servers hacked in internal reply-chain attacks - Bleeping Computer

Mid-sized businesses are 490% more likely to experience security breach since 2019 - Venture Beat

North Korean Hackers Found Behind a Range of Credential Theft Campaigns - The Hacker News

RedCurl Corporate Espionage Hackers Return With Updated Hacking Tools - The Hacker News

Six Million Sky Broadband Users at Risk of Being Hacked with Admin Password | Here's the List of Potentially Risky Units - Tech Times

Social Engineering: How Cybercriminals Use Your Emotions to Hack You - RTD

The havoc of Emotet malware is back and is upgrading itself using TrickBot - The Digital Hacker

University of Victoria wards off phishing attack - Martlet

Void Balaur explained—a stealthy cyber mercenary group that spies on thousands - CSO Online

19/11

11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells - The Hacker News

52% of SMBs have experienced a cyberattack in the last year - Help Net Security

A Simple 5-Step Framework to Minimize the Risk of a Data Breach - The Hacker News

Android malware BrazKing returns as a stealthier banking trojan - Bleeping Computer

Android banking Trojan BrazKing is back with significant evasion improvements - Security Affairs

Are Ransomware Payments Covered by Cyberinsurance? - Security Boulevard

Big data in IoT market to reach $50.9 billion by 2026 - Help Net Security

California Pizza Kitchen data breach exposed 100,000 employee SSNs - BGR

Conti ransomware operations made at least $25.5 million since July 2021 - Security Affairs

Defense Contractors Highly Susceptible to Ransomware - Security Boulevard

Emotet botnet comeback orchestrated by Conti ransomware gang - Bleeping Computer

FBI Issues Flash Alert on Actively Exploited FatPipe VPN Zero-Day Bug - The Hacker News

Gaps in IT staff skills causing stress and decreased productivity - Help Net Security

How to handle third-party security risk management - Help Net Security

How to strengthen incident response in the health sector - Help Net Security

Iranians Charged for Disinformation and Threat Campaign to Influence the 2020 US Presidential Election - TechNadu

Lack of API visibility undermines basic principle of security - Help Net Security

Less than Half of Consumers Change Passwords Post-Breach - InfoSecurity Magazine

Malicious PyPl Packages Downloaded 40,000+ Times - InfoSecurity Magazine

Microsoft Defender gets AI-assisted ransomware brakes - Market Research Telecast

Microsoft: Windows Installer breaks apps after updates, repairs - Bleeping Computer

Philips, CISA Warn of Medical Device Product Security Flaws - Gov Info Security

Protecting Critical Infrastructure with Automation and Zero-Trust - Security Boulevard

Putnam County Sheriff’s Department’s Facebook page got hacked - Wish TV

Ransomware is now a giant black hole that is sucking in all other forms of cybercrime - ZDNet

Significant Security Flaw Left 6 Million Sky Routers Customers Exposed - TechNadu

Six million Sky routers exposed to takeover attacks for 17 months - Bleeping Computer

Suspected EncroChat Drug Trafficker Faces Trial - InfoSecurity Magazine

Transition from Cybersecurity to Cyber-Immunity, Says Eugene Kaspersky - InfoSecurity Magazine

U.S. Charged 2 Iranian Hackers for Threatening Voters During 2020 Presidential Election - The Hacker News

Utah medical center hit by data breach affecting 582k patients - Bleeping Computer

Why SecOps is Needed Now More Than Ever - Security Boulevard

18/11

Bots are lurking in your zombie and shadow APIs - Help Net Security

By the Numbers: The State of Security in eCommerce - Security Boulevard

China's APT41 Manages Library of Breached Certificates - InfoSecurity Magazine

CIEM “On The Rise” According to Gartner and Forrester Research - Security Boulevard

Critical Root RCE Bug Affects Multiple Netgear SOHO Router Models - The Hacker News

Cyber complexity negatively impacts a company’s ability to respond to threats - Help Net Security

Cyber insurance is a fallback, not a solution for a ransomware attack - Engineering News

Dark web crooks are now teaching courses on how to build botnets - ZDNet

Experts Expose Secrets of Conti Ransomware Group That Made 25 Million from Victims - The Hacker News

FBI attack shows all are vulnerable to phishing - Technology Decisions

Glitch service abused to host short-lived phishing sites - Bleeping Computer

Hackers deploy Linux malware, web skimmer on e-commerce servers - Bleeping Computer

High severity Intel chip flaw left cars, medical and IoT devices vulnerable - HackRead

How to improve your SaaS security posture and reduce risk - Help Net Security

Memento ransomware gang quick to retool for ‘optimum’ outcome - Computer Weekly

Microsoft addresses a high-severity vulnerability in Azure AD - Security Affairs

New phishing scheme targeting Netflix, other streaming users - TechGenix

North Korean cyberspies target govt officials with custom malware - Bleeping Computer

Palo Alto Networks’ Unit 42 Warns Cloud Attacks, Ransomware on the Rise - SDX Central

Reality check: Your security hygiene is worse than you think it is - Help Net Security

Report: The ROI of Modern Pentesting 2021 - Help Net Security

Russian Cybercrime Forums Open Doors to Chinese-Speakers - InfoSecurity Magazine

Security leaders need more data and context to conduct cloud investigationst - Help Net Security

Singaporean regulator punishes biggest-ever data breach: Almost 5.9 million hotel customers' info exposed - The Register

The COVID-19 crisis has fueled the increase of cybercrime in all its forms - Help Net Security

The six most common threats against the device that knows you best - Help Net Security

Threat Actors Discuss Leasing Zero-Day Exploits - InfoSecurity Magazine

TikTok influencers are being targeted by this dangerous new phishing threat - Techradar Pro

US indicts Iranian hackers for Proud Boys voter intimidation emails - Bleeping Computer

17/11

76% of gamers were financially affected by a cyberattack, losing $700+ on average - Help Net Security

Businesses are forced to adopt new cybersecurity measures - Help Net Security

Combating cybercrime: Lessons from a CIO and Marine veteran - Help Net Security

DDoS Attacks Surge 35% in Q3 as VoIP is Targeted - InfoSecurity Magazine

Emotet stages a comeback via Trickbot and spam - Help Net Security

Ethical Hackers Prevented $27B in Cybercrime - Security Boulevard

Ghostwriter Disinformation Operation Linked to Belarus - InfoSecurity Magazine

How Virtualization Helps Secure Connected Cars - Security Boulevard

Illuminating the path: Compliance as the key to security-by-design - Help Net Security

Iran-linked APT groups continue to evolve - Security Affairs

Israel's Candiru Spyware Found Linked to Watering Hole Attacks in U.K and Middle East - The Hacker News

Mandiant links Ghostwriter operations to Belarus - Security Affairs

New Partnership to Invest in Cybersecurity Startups - InfoSecurity Magazine

Now Iran's state-backed hackers are turning to ransomware - ZDNet

NSA Grants Boost University's Cyber Academy - InfoSecurity Magazine

Organizations More Susceptible to Ransomware Attacks During Weekends and Holidays - InfoSecurity Magazine

The ransomware threat is getting worse. But businesses still aren't taking it seriously - ZDNet

Threat actors offer millions for zero-days, developers talk of exploit-as-a-service - Bleeping Computer

UK Spooks Handled Record Number of Cyber Incidents Last Year - InfoSecurity Magazine

US, UK, and Australia pin Iran for exploiting Fortinet and Exchange holes - ZDNet

Why are you still using QWERTY? 2021's most common passwords revealed - ZDNet

What is challenging secure application development? - Help Net Security

Why Breach Notification Matters - Security Boulevard

Windows 11 issue with Intel audio drivers triggers blue screens - Bleeping Computer

16/11

China Telecom Appeals Against US Ban - InfoSecurity Magazine

Cloud compliance: Falling out of it could spell doom - Help Net Security

Cryptojackers Disable Alibaba Cloud Security Agent - InfoSecurity Magazine

Cryptomixers Enable Ransomware Payment Laundering - Security Boulevard

Cultural divide between IT and OT teams leaves 65% of organizations unable to secure both environments - Help Net Security

Data and the Cat-and-Mouse Game of Security - Security Boulevard

Data Breach Rule for Health Apps Leaves Developers in the Dark - Bloomberg Law

Does Your DDoS Protection Solution Defend Against the Latest Attacks? - Security Boulevard

Government Plans Regulation to Bolster Supply Chain Security - InfoSecurity Magazine

How do I select a policy automation solution for my business? - Help Net Security

Intel addresses 2 high-severity issues in BIOS firmware of several processors - Security Affairs

Internal audit leaders expect new risks to emerge post-pandemic - Help Net Security

iOS 15 Mail Privacy Protection Fails to Cover Apple Watch Mail App - TechNadu

Microsoft adds AI-driven ransomware protection to Defender - Bleeping Computer

Microsoft warns of the evolution of six Iranian hacking groups - Bleeping Computer

New banking Trojan SharkBot makes waves across Europe, US - ZDNet

New Blacksmith Exploit Bypasses Current Rowhammer Attack Defenses - The Hacker News

New Nexus Firewall Release with Developer-First Enhancements - Security Boulevard

Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware - The Hacker News

NPM fixes private package names leak, serious authorization bug - Bleeping Computer

Operational technology and zero trust - Help Net Security

Peloton bike, Amazon Halo Band and Facebook Portal featured on Mozilla list of holiday gifts lacking privacy features - ZDNet

Protecting today’s web applications requires more than a firewall - Security Boulevard

RansomOps: Detecting Complex Ransomware Operations - Security Boulevard

Researchers Demonstrate New Way to Detect MitM Phishing Kits in the Wild - The Hacker News

Rowhammer Redux: ‘Blacksmith’ Fuzzing—Panic Now? - Security Boulevard

SharkBot, a new Android Trojan targets banks in Europe - Security Affairs

Shrinking cyber budgets are leaving businesses at risk - Help Net Security

These are the cryptomixers hackers use to clean their ransomss - Bleeping Computer

Top Challenges to Managing Insider Threats - Security Boulevard

US, EU Join Paris Call for Cybersecurity - Security Boulevard

Zoom patches vulnerabilities in its range of conferencing apps - Help Net Security

We need a Cyber Awareness Century - Help Net Security

WordPress sites are being hacked in fake ransomware attacks - Bleeping Computer

15/11

42% of UK Gamers Have Experienced a Cyber-Attack on Their Account or Device - InfoSecurity Magazine

91% of IT leaders affected by supply chain disruption: survey - ZDNet

10,000+ websites and apps are vulnerable to Magecart - Help Net Security

Adult Cam Website ‘Stripchat’ Exposes User and Model Info in Data Leak - TechNadu

Attacks On Retail Websites Up Heading Into Holiday Season - Security Boulevard

China looks to classify online data in draft security laws - ZDNet

Cisco partners with JupiterOne for cloud security platform - ZDNet

Costco says card skimmers were found at Chicago-area warehouses, less than 500 people affected - ZDNet

Cybersecurity for Sports and Entertainment - Security Boulevard

Digital life after death: Do you have a password-sharing plan in place? - Help Net Security

Emotet malware is back and rebuilding its botnet via TrickBot - Bleeping Computer

ENISA – The need for Incident Response Capabilities in the health sector - Security Affairs

FBI Fixes Misconfigured Server After Hoax Email Alert - InfoSecurity Magazine

Healthcare organizations at risk: The attack surface is expanding - Help Net Security

How to achieve permanent server hardening through automation - Help Net Security

How to Tackle SaaS Security Misconfigurations - The Hacker News

Immersive Labs Acquires Snap Labs - InfoSecurity Magazine

Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146) - Help Net Security

New Microsoft emergency updates fix Windows Server auth issues - Bleeping Computer

New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks - The Hacker News

North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro - The Hacker News

New Rowhammer technique bypasses existing DDR4 memory defenses - Bleeping Computer

Officials confirm patient data stolen in N.L. cyberattack - CBC

Researchers Demonstrate New Fingerprinting Attack on Tor Encrypted Traffic - The Hacker News

Robinhood Data Breach, 600 Hours of Dallas Police Helicopter Footage Leaked - Security Boulevard

Scam Spotter Campaign Flags Gift Card Fraud - InfoSecurity Magazine

SharkBot — A New Android Trojan Stealing Banking and Cryptocurrency Accounts - The Hacker News

The future of digital infrastructure: Top 10 predictions - Help Net Security

This mysterious malware could threaten millions of routers and IoT devices - ZDNet

Top risks auditors should cover in their 2022 audit plans - Help Net Security

Two Sony PS5 exploits disclosed the same day - Security Affairs

US and Israel Agree Anti-Ransomware Coalition - InfoSecurity Magazine

US Journalist Imprisoned for Spreading False Information is Freed - InfoSecurity Magazine

US Treasury Again Threatens to Sanction Ransomware Victims - Security Boulevard

When cybersecurity becomes terrifying - Help Net Security

When it comes to securing systems against quantum computers, there is no one-size-fits-all solution - Help Net Security

14/11

5 million cyberattacks faced by the Taiwan government on a daily basis - The Digital Hacker

22-year-old Ukrainian arrested over largest cyber-attack in history - Euro Weekly

Almeria Couple Part Of International Criminal Gang Arrested Over €326,000 Internet Scam - The Olive Press

Bad form: FBI server sending fake emails taken offline and fixed, no data impacted - ZDNet

Cyber review finds government websites 'critically vulnerable' to hackers - Daily News Miner

Cyberattacks are surging. CT's workforce isn't keeping up - The Register Citizen

‘Designed to scare you’ - Britons urged to watch out for attempts to steal your retirement - Express

Dutch Authorities Seize Cryptocurrency Worth Over 25 Million Euros - CFX Magazine

Expect more online scams during the holidays. Here's how to spot them before it's too late - USA Today

FBI's Email System Hacked to Send Out Fake Cyber Security Alert to Thousands - The Hacker News

Gmail, Yahoo and Hotmail users warned they are at risk of new scam - Salisbury Journal

Home Affairs launches new principles for critical technology supply chain security - ZDNet

How Pysa/Mespinoza Captured the World’s Attention - Pirate Press

Rise in ransomware spell end of business-as-usual - Tahawultech

The U.S. Justice Department Takes Back a Lot of Stolen Crypto - Live Bitcoins News

This New Android Malware Might Steal Your Credit Card Information - Digital Information World

US Education Dept urged to boost K-12 schools' ransomware defenses - Bleeping Computer

Why hackers continue to hit DeFi protocols, solutions - Cryptopolitan

NEWS: Novembro (07/11 - 13/11) - 45 Semana de 2021