NEWS: Novembro / Dezembro (28/11 - 04/12) - 48 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!
04/12
Cybercrimes on the up, with SA annually losing about R2.2 billion - IOL
Darktrace Reports 30% More Ransomware Attacks Targeting Organizations During The Holiday Period - Indian Web 2
Data leak of personal employee info least disclosed type of breach: Report - The Hindu Business Line
How a Small Email Phish Can Become a Million Rand Ransom - IT News Africa
How to Practice Online Safety: Tips and Tricks in 2021 - Beebom
Improve Your Security Strategy: The Rise of Ransomware - Best Gamingpro
Malicious KMSPico installers steal your cryptocurrency wallets - Bleeping Computer
Nepal unveils plan to regulate Internet of Things, machine to machine communication - Ahmedabad Mirror
Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats - The Hacker News
Spain: The National Police warns CaixaBank is being used again to steal your data - News Trace
We know who is attacking us and we know how to get even, says Israel's cyber defense chief - Kake
03/12
APTs Adopting New Phishing Methods to Drop Payload - BankInfo Security
Are your PLCs an easy target? A mindset shift can significantly reduce PLC firmware vulnerabilities - Process and Control Today
Blundering NHS says sorry after sharing patients' email addresses - Stoke Sentinel
Building new relevance in managed security will be key to channel success in 2022 - Reseller News
Cryptocurrency Scams: 5 Ways to Spot, Avoid and Protect - Analytics Insight
Cyber fraud fears rise towards festive season - CajNews Africa
Darktrace reports 30% more ransomware attacks targeting organisations during the holiday period - Cambridge Network
Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077) - Help Net Security
Fake support agents call victims to install Android banking malware - Bleeping Computer
FBI: Cuba ransomware breached 49 US critical infrastructure orgs - Bleeping Computer
FBI warning: Hackers are targeting this flaw in Zoho ManageEngine ServiceDesk Plus - ZDNet
Firewalls and Security Protocols Alone Cannot Keep Hackers Out - InfoSecurity Magazine
How MFA Can Help Prevent Data Breaches - Security Boulevard
How to avoid being a hacker's next target: Don't overshare information on business social media - TechRepublic
It's a truly cruel scam. Here's the dramatic way Google is trying to stop it - ZDNet
Major trends in online identity verification for 2022 - Help Net Security
Massachusetts Registry of Motor Vehicles warns about phishing scam - 10 WJAR
Misconfigured Database Leaks Info on 150K E-commerce Buyers - InfoSecurity Magazine
New Malvertising Campaigns Spreading Backdoors, Malicious Chrome Extensions - The Hacker News
New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers - The Hacker News
Omicron Phishing Campaign Hits User Inboxes - InfoSecurity Magazine
Password-stealing and keylogging malware is being spread through fake downloads - ZDNet
Phishing kits’ favorite brand? Amazon - Help Net Security
Researchers Detail How Pakistani Hackers Targeting Indian and Afghan Governments - The Hacker News
Researchers discover 14 new data-stealing web browser attacks - Bleeping Computer
SMS firewall revenue to reach $4.1 billion in 2026 - Help Net Security
Tardigrade Malware Poses Unprecedented Threat to Biomanufacturers - Health IT Security
This password-stealing and keylogging malware is being spread through fake software downloads - ZDNet
Threat actors stole $120 M in crypto from BadgerDAO DeFi platform - Security Affairs
Tor2Mine cryptominer has evolved: Just patching and cleaning the system won’t help - Help Net Security
Twitter and Meta Tackle Anti-Vaxxers and Chinese Disinformation - InfoSecurity Magazine
Watch out for Omicron COVID-19-themed phishing messages! - Security Affairs
What to Look For in an MDR Provider - Security Boulevard
Why Everyone Needs to Take the Latest CISA Directive Seriously - The Hacker News
Widespread Threats Target Automotive Companies - Security Boulevard
02/12
AWS SageMaker Notebook Takeover Vulnerability - Security Boulevard
CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability - The Hacker News
Colorado energy company loses 25 years of data after cyberattack, still rebuilding network - ZDNet
Config error left 190 Australian organisations open to phishing attacks - ITNews
Cyber-Attack on Planned Parenthood - InfoSecurity Magazine
DHS: Cybersecurity coordinators and vulnerability assessments mandatory for rail companies - ZDNet
Double Extortion Ransomware Victims Soar 935% - InfoSecurity Magazine
Europol arrested 1800 money mules as part of an anti-money-laundering operation - Security Affairs
Federal government refreshes digital transformation strategy and expands cyber hub trial - ZDNet
How phishing kits are enabling a new legion of pro phishers - Help Net Security
How to Outplay the Ransomware Playbook - Security Boulevard
Malware variants in 2021: Harder to detect and respond to - Help Net Security
Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials - The Hacker News
Meta expanding Facebook security program for government officials, journalists, activists - ZDNet
Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library - Security Affairs
New malware hides as legit nginx process on e-commerce servers - Bleeping Computer
Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling - Help Net Security
Over 4 Mn Payment Card Details Hawked on Dark Web - CISO Mag
Phishing Scam Targets Military Families - InfoSecurity Magazine
Planned Parenthood LA: Ransomware attack leaks health data of 400,000 patients - ZDNet
Police Arrest 1800 in Major Money Laundering Crackdown - InfoSecurity Magazine
Railway cyber risk management: Raising awareness on relevant threats - Help Net Security
Ransomware and fleeceware among the top threats of 2021 - Express Computer
Researches Detail 17 Malicious Frameworks Used to Attack Air-Gapped Networks - The Hacker News
Russian Bulletproof Hosting Kingpin Gets Five Years - InfoSecurity Magazine
Security Hygiene, Posture Management Remain Challenging - Security Boulevard
Shopping online? FBI says beware of these holiday scams and phishing threats - ZDNet
The importance of vulnerability management for your organization - Help Net Security
Twitter removes another 3,000 state-backed accounts linked to six countries - ZDNet
01/12
300.000+ users downloaded malware droppers from Google Play - Help Net Security
AI/ML Powered Automation: The Future of Cybersecurity at Scale - Security Boulevard
Alarming rise in cyberattacks against healthcare facilities, 68 attacks in Q3 2021 only - Help Net Security
Amazon Web Services, CrowdStrike and Presidio partner for ransomware mitigation kit - ZDNet
API security awareness: The first step to better assessing the risk - Help Net Security
Control failures are behind a growing number of cybersecurity incidents - Help Net Security
Dell Allies with AWS to Protect Data - Security Boulevard
Despite the popularity of password managers, many still use pen and paper - Help Net Security
Development of Corporate Applications Based on Artificial Intelligence - HackRead
DNA testing service data breach impacting 2.1 million users - HackRead
Europol: 18k money mules caught laundering money from online fraud - Bleeping Computer
FBI training document shows lawful access to multiple encrypted messaging apps - Security Affairs
Hackers Increasingly Using RTF Template Injection Technique in Phishing Attacks - The Hacker News
Hacker Jailed for Stealing Millions of Dollars in Cryptocurrencies by SIM Hijacking - The Hacker News
How to Proactively Remove File-Based Malware - Security Boulevard
HP Printer Hijack Bugs Impact 150 Models - InfoSecurity Magazine
Improving Cybersecurity With MITRE ATT&CK Framework - Security Boulevard
Is the Market for Hardware Security Appliances Doomed? - Security Boulevard
MI6 Boss: Digital Attack Surface Growing "Exponentially" - InfoSecurity Magazine
Malicious Android app steals Malaysian bank credentials, MFA codes - Bleeping Computer
Microsoft Exchange servers hacked to deploy BlackByte ransomware - Bleeping Computer
Microsoft fixes installation issues in new Windows 11 dev build - Bleeping Computer
Most Brazilian businesses set to boost cybersecurity spend in 2022 - ZDNet
Mozilla fixes critical bug in cross-platform cryptography library - Bleeping Computer
New Babadeda Crypter Geared Towards the Crypto and NFT Communities - The Digital Hacker
New EwDoor Botnet Targeting Unpatched AT&T Network Edge Devices - The Hacker News
New RTF Template Inject technique used by APT groups in recent attacks - Security Affairs
Organizations Now Have 76 Security Tools to Manage - InfoSecurity Magazine
Panasonic Concurs Breach Due to Third-Party Access to its File Server - CISO Mag
Sabbath Ransomware target critical infrastructure in the US and Canada - Security Affairs
State-backed hackers increasingly use RTF injection for phishing - Bleeping Computer
The ripple effect: Why protection against supply chain attacks is a must - Help Net Security
These researchers wanted to test cloud security. They were shocked by what they found - ZDNet
TrickBot Checks Screen Resolution to Avoid Detection with a twist - The Digital Hacker
Twitter to Remove Private Media - InfoSecurity Magazine
U.K. Govt. Fines Clearview $22.6 Mn Over Privacy Violations - CISO Mag
VirusTotal Collections allows enhancing the sharing of Indicators of Compromise (IoCs) - Security Affairs
VirusTotal Collections feature helps keep neat IoC lists - Bleeping Computer
VMware's Carbon Black offers more analyst assistance to respond to attacks - ZDNet
Without Consent, Twitter prohibits users from sharing personal photos and videos of others - The Digital Hacker
30/11
4 Android banking trojans infected over 300,000 devices via Google Play - The Digital Hacker
4 Android banking trojans were spread via Google Play infecting 300.000+ devices - Security Affairs
8-year-old HP printer vulnerability affects 150 printer models - Bleeping Computer
300,000 Android users impacted by malware apps on Play Store - HackRead
Aviatrix Adds Security Capabilities to Cloud Management Platform - Security Boulevard
Black Friday 2021, a great opportunity for hackers to carry out their criminal activities - The Digital Hacker
Critical Wormable Security Flaw Found in Several HP Printer Models - The Hacker News
Cyberattacks in 2021 Highlighted Critical Infrastructure Risks - Security Boulevard
Cyber Essentials Set for Major Update in 2022 - InfoSecurity Magazine
Dark web market Cannazon shuts down after massive DDoS attack - Bleeping Computer
DNA testing firm discloses data breach affecting 2.1 million people - Bleeping Computer
Ecommerce retailers facing a 350% increase in fraudulent online orders - Help Net Security
Google warned its users; cryptocurrency miners using hacked cloud accounts - The Digital Hacker
Hackers could steal encrypted data now and crack it with quantum computers later, warns analysts - ZDNet
How to combat ransomware with visibility - Help Net Security
Implications of strengthening the cybersecurity of small business in America - Help Net Security
Kentucky Energy and Environment Cabinet announces data security breach - Data Breaches Net
Manufacturing Industry Is the Second Most Affected by Ransomware - Quality Digest
Massive online crime crackdown leads to 1,000 arrests - Help Net Security
Most challenging security threats for CTOs - Help Net Security
New Linux malware found a new place to hide itself - The Digital Hacker
Panasonic suffers a data breach when hackers breach its network - The Digital Hacker
Panasonic Suffers Data Breach After Hackers Hack Into Its Network - The Hacker News
Patching takes 2.5 times longer when endpoints are remotes - Help Net Security
Police Set for Record Haul in Anti-Card Fraud Operation - InfoSecurity Magazine
Printing Shellz: Critical bugs impacting 150 HP printer models patched - ZDNet
Ransomware Group Rebrands Multiple Times to Evade Detection - InfoSecurity Magazine
Searching for Bugs in Open Source Code - Security Boulevard
Security for IoT Networks Needs to Reflect an OT Mindset - Security Boulevard
Spy chief's warning: Our foes are now 'pouring money' into quantum computing and AI - ZDNet
Twitter Bans Users From Posting 'Private Media' Without a Person's Consent - The Hacker News
UK and Israel Pledge Greater Cooperation in Cybersecurity - InfoSecurity Magazine
Unpatched Microsoft Exchange Servers abused in new phishing campaign - HackRead
Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS - The Hacker News
WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East - The Hacker News
Yanluowang ransomware operation matures with experienced affiliates - Bleeping Computer
29/11
4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021 - The Hacker News
5 High-Risk Vulnerabilities In E-Commerce Applications - Security Boulevard
82% of IT leaders looking to cloud for critical mainframe applications to remain competitive - Help Net Security
1,000 arrests made in online fraud crackdown, says Interpol - ZDNet
Addressing the cybersecurity skills gap with higher education - Help Net Security
An Ounce of Segmentation Is Worth a Pound of Ransomware Cure - Channel Future
Apex Brasil sofre ataque de hacker - Metropoles
APT37 targets journalists with Chinotto multi-platform malware - Bleeping Computer
Attackers exploiting Windows Installer vulnerability despite patching - HackRead
Bay Village school district accidentally releases seniors' personal info, including grades, to all families - News 5 Cleveland
Behavioral biometrics: A promising tool for enhancing public safety - Help Net Security
Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition - Security Affairs
Butler County Community College closes for 2 days after cyberattack - Pittsburgh Post-Gazette
Cyber-attack on Ikea - Retail Detail
Cybercriminals: Frenemies China, Russia, North Korea - Security Boulevard
Cybersecurity graduates are doubling, but that's still not going to fix the skills crisis - ZDNet
Cyber Security Predictions for 2022 - Security Boulevard
Data Breach at Panasonic - InfoSecurity Magazine
Debunking Myths About CMMC 2.0 - Security Boulevard
DVLA scam warning as fraudsters target motorists with phishing emails and texts - Daily Record
ETHS Defrauded Of $48,570 In Hack That Exposed 1,139 Identities - Patch Illinois
Five alarming cyber predictions - Professional Security Magazine Online
Former Northwell hospital employee charged with HIPAA violation for snooping 13,000 patient EHRs - Becker's Health IT
Google says people are hacking cloud accounts to mine cryptocurrency - Metro
Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency - The Hacker News
Highland Village targeted in phishing attack - The Cross Timbers Gazette
Hospital cyber-attacks are the new pandemic; here’s the cure - Jewish News Syndicate
Ikea email systems bombarded by phishing attacks - TechRadar Pro
Israel Blamed for Crippling Attack on Iranian Gas Stations - InfoSecurity Magazine
Israel cut cyber export list, excluding totalitarian regimes - Security Affairs
Lewis and Clark Cyberattack: Community College Ransomware Recovery Updates - MSSP Alert
Mid-market IT leadership top 2022 objective: Strengthening security - Help Net Security
Nadra’s data breach a national security threat - International The News
New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists - The Hacker News
Panasonic confirms data breach after hackers access internal network - Tech Crunch
Patients File Lawsuits in Wake of Healthcare Data Breaches - Health IT Security
Phishing attacks top 260,000 in Q3 2021 - Help Net Security
Putting the “sec” in DevSecOps: An overall reduction of risk - Help Net Security
Queensland government energy generator hit by ransomware - ZDNet
Ransomware Attack Affects over 2300 Sonoma County Clients - KSRO
Ransomware teaches us the importance of data protection - Computer Weekly
Rapid Money Laundering Response Helps Intercept $27m - InfoSecurity Magazine
Sabbath hackers are targeting US schools and hospitals - ITPro
Securing Corporate Philanthropy on Giving Tuesday - Security Boulevard
Stealthy WIRTE hackers target governments in the Middle East - Bleeping Computer
The True Cost Of Rising Cyber Threats, According To A Cybersecurity CFO - Forbes
Two Drug Dealers Get 18 Years Following EncroChat Bust - InfoSecurity Magazine
Vestas ‘close to normal’ after ransomware attack - ReNews
28/11
0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day - Security Affairs
DEFCON 29 IoT Village – Amit Elazari’s, Anahit Tarkhanyan’s And Rita Cheruvu’s ‘Establishing IoT Trustworthiness’ - Security Boulevard
DEFCON 29 IoT Village – Cheryl Biswas’ ‘Mind The Gap: Managing Insecurity In Enterprise IoT’ - Security Boulevard
French court indicted Nexa Technologies for complicity in acts of torture - Security Affairs
Google security report reveals, compromised cloud instances used for crypto mining - AMB Crypto
Hadera hospital back to work over month after cyberattack - The Times Of Israel
Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million - The Hacker News
Jamaica: Data security in an advanced world - The Gleaner
Library officials recount actions in wake of cybersecurity incident - The Blade
Millions of Android phones infected by dangerous malware, these phones are at risk - Express
North Korea-linked Zinc group posed as Samsung recruiters to target security firms - Security Affairs
Proactively Securing Your Enterprise Cloud - Security Boulevard
Proactively Securing Your Enterprise Cloud - HolistiCyber
RATDispenser, a new stealthy JavaScript loader used to distribute RATs - Security Affairs
Study Reveals Cybersecurity Threats Across Microsoft Windows OS In 2021 Have Reached Over 100 Million - Digital Information World
Targeted cyberattacks on cryptocurrency industry to rise in 2022: Report - The Hindu Business Line
Telcos to get expanded scam-blocking powers through telecommunications law amendment - ZDNet
The Canadian lab that exposed a critical flaw that left Apple devices vulnerable - National Post
Will Artificial Intelligence Help or Hurt Cyber Defense? - Government Technology
