NEWS: Outubro (17/10 - 23/10) - 42 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!!

23/10
Chico State graduate charged in data breach; professor cleared - The Orion
Connected home devices posing more hacking risks for Indian firms - Sify
Corry School District says ransomware attack may have exposed data on staff, students - GoErie
Facebook Sues Ukrainian Hacker Who Stole Millions of Sensitive User Details From Messenger - TechNadu
How to protect yourself from phishing attacks: Top online banking tips - Hindu Times
Human Hacking and Multi-Channel Phishing is Surging - Slash Next
Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks - The Hacker News
Popular NPM library hijacked to install password-stealers, miners - Bleeping Computer
Ransomware Attacks Perpetrated via Vulnerability in BillQuick Billing Software - TechNadu
Report: Over 3 Million Email Addresses of CoinMarketCap Users Leaked - Crypto Potato
Russian Drivers' Personal Data Available Online for Less than the Price of an iPhone - Auto Evolution
Windows ransomware gang moves earnings, others slam US after REvil takedown - ITWire

22/10
3 Million CoinMarketCap Email Addresses Have Leaked - Crypto Briefing
6.8M in Bitcoin held by DarkSide ransomware group on the move - Invezz
27 Unique Malware Deliverables Discovered from Discord CDN Abuse - TechNadu
A Trojan Can Ruin Your Online Shopping Experience - Flux
Attack that is blocking CBS shows like 'Jeopardy!' What is, Russian ransomware? - The Gainesville Sun
Candy production impacted by ransomware attack - Forest Park Review
Cisco SD-WAN Security Bug Allows Root Code Execution - Threatpost
Countries agree to 'urgent action' on ransomware, but issue few specifics - Saskatoon StarPhoenix
Cybersecurity threats challenge K-12 schools’ resilience and preparedness - Security Infowatch
DarkSide ransomware rushes to cash out $7 million in Bitcoin - Bleeping Computer
DNS attacks are targeting more businesses than ever - Techradar Pro
Embracing secure hybrid work with four foundational IT controls - Help Net Security
Ex-carrier employee sentenced for role in SIM-swapping scheme - ZDNet
Federal agencies issue ransomware alert related to ag - Farms Com
Ferrara Hit With Ransomware Attack - Food processing
FIN7 Bolsters Ransomware Threats With New Recruits - TechNadu
FIN7 Sets Up Fake Pentesting Company Site to Recruit Talent - GovInfo Security
FinCEN Reports Spiraling SARs Relating to Ransomware - JD Supra
Groove ransomware calls on all extortion gangs to attack US interests - Bleeping Computer
Hackers Exploit Flaw In BQE Software’s Billing System To Deploy Ransomware: Huntress - CRN
Halloween Horror-Show for Candy-Maker Hit by Ransomware - InfoSecurity Magazine
Illinois candy giant hit with ransomware weeks before Halloween - ZDNet
Italian celebs' data exposed in ransomware attack on SIAE - Bleeping Computer
Many Canadian firms knuckle under to ransomware demands, survey suggests - Leader Post
Missouri Officials: Teacher Information Data Breach to Cost $50M Outline - Insurance Journal
My Health Record imaging services security failed ADHA password standards - ZDNet
Over 35,000 citizen data at stake as digital marketing agency Fimmick attacked by ransomware - Marketing Interactive
Phishing Tackle releases Smishing-as-a-Service to reduce the risk of text message phishing - Help Net Security
Ransomware Gang Built A Fake Cybersecurity Start-Up To Recruit Unwitting IT Specialists - Hot Hardware
REvil ransomware group hacked by multiple governments – reports - Verdict
SCUF Gaming store hacked to steal credit card info of 32,000 customers - Bleeping Computer
Sinclair Staffers Say Company in Disarray 5 Days After Ransomware Attack (Report) - The Wrap
The Biggest Cyber-Threat Isn't Hackers, It's Insider Threats - InfoSecurity Magazine
The Tokyo 2020 Olympics saw how many attempted cyber attacks? - Government Technology
Unhappy customers and their own tricks used against them, REvil ransomware gang reportedly pulled offline by 'multi-country' operations - The Register

21/10
Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer - The Hacker News- The Hacker News
Data Scrapers Expose 2.6 Million Instagram and TikTok Users - InfoSecurity Magazine
Fraud never sleeps: Why biometrics is essential for effective fraud prevention - Help Net Security
Google disrupts massive phishing and malware campaign - ZDNet
Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts - The Hacker News
How do I select a GRC solution for my business? - Help Net Security
Increased activity surrounding stolen data on the dark web - Help Net Security
Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices - The Hacker News
Many organizations lack basic cyber hygiene despite high confidence in their cyber defenses - Help Net Security
Palo Alto warns of BEC-as-a-service - ZDNet
Siloed security data hamper the ability to achieve collective defense - Help Net Security
Smartphone counterespionage for travelers - Help Net Security
Threat Actors Abusing Discord to Spread Malware - InfoSecurity Magazine
U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes - The Hacker News
US judge sentences duo for roles in running bulletproof hosting service - ZDNet
US to Ban Export of Hacking Tools to Authoritarian States - InfoSecurity Magazine

20/10
81% of UK Healthcare Organizations Hit by Ransomware in Last Year - InfoSecurity Magazine
Attack surface larger than ever as organizations shift to remote and hybrid work - Help Net Security
Black market traders cash in on fake COVID-19 vaccination records - ZDNet
Companies Failing to Protect Domain Registrations - Security Boulevard
Five game-changing factors for companies dealing with ransomware attacks - Help Net Security
Hackers are disguising their malicious JavaScript code with a hard-to-beat trick - ZDNet
LightBasin Hackers Breach at Least 13 Telecom Service Providers Since 2019 - The Hacker News
LightBasin Operation Compromises 13 Global Telcos in Two Years - InfoSecurity Magazine
Members of at least two health insurance plans notified of ransomware attack on PracticeMax - DataBreaches Net
Microsoft, Intel and Goldman Sachs Team Up For New Supply Chain Security Initiative - InfoSecurity Magazine
Microsoft launches Privacy Management for Microsoft 365 - Help Net Security
Microsoft Warns of New Security Flaw Affecting Surface Pro 3 Devices - The Hacker News
Mobile application security guide, from development to operations - Help Net Security
New Linux kernel memory corruption bug causes full system compromise - HackRead
Organizations lack basic cybersecurity practices to combat the growing tide of ransomware - Help Net Security
OWASP's 2021 List Shuffle: A New Battle Plan and Primary Foe - The Hacker News
Security, remote work support top concerns amongst firms - ZDNet
Supply chain attacks are the hacker's new favourite weapon. And the threat is getting bigger - ZDNet
Twitter Pulls Account After Argentinian Mega Breach Claims - InfoSecurity Magazine
Zerodium is looking for zero-day exploits in ExpressVPN, NordVPN, and Surfshark Windows VPN clients - Security Affairs
What are the post-pandemic security concerns for IT pros? - Help Net Security

19/10
83% of Ransomware Victims Pay the Demand - InfoSecurity Magazine
A New Variant of FlawedGrace Spreading Through Mass Email Campaigns - The Hacker News
ACE takes down Electro TV Sat pirate streaming service - Bleeping Computer
Apple iCloud Hacker Steals Nudes - InfoSecurity Magazine
BlackByte Ransomware Decryptor Released for Free - TechNadu
BlackMatter ransomware gang will target agriculture for its next harvest – Uncle Sam - The Register
Bots to become the future of work and provide ROI to organizations using them - Help Net Security
Compliance does not equal security - Help Net Security
Data Breach Hits US Dental Patients - InfoSecurity Magazine
FBI, CISA, NSA published a joint advisory on BlackMatter ransomware operations - Security Affairs
FCC mulls over new rules demanding carriers block spam robot texts at network level - ZDNet
Forrester report suggests Imperva Data Protection delivers high value and rapid ROI - Security Boulevard
Government Gunning for Cryptocurrency—Uses Ransomware as Pretext - Security Boulevard
How Your Organization Can Prevent Data Breaches - Security Boulevard
Michigan Man Got a 7-Year Sentence for Hacking UPMC HR Databases and Stealing PII - TechNadu
Microsoft fixes Surface Pro 3 TPM bypass with public exploit code - Bleeping Computer
Multi-factor authentications soar as enterprises move away from passwords to secure hybrid workers - Help Net Security
New Karma ransomware group likely a Nemty rebrand - Bleeping Computer
Prison for UPMC Data Thief - InfoSecurity Magazine
Recommendations for improving DEI in cybersecurity teams - Help Net Security
Secure your databases against opportunistic attackers - Help Net Security
Shared Responsibility Key to Protecting Critical Infrastructure - InfoSecurity Magazine
Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services - The Hacker News
Symantec uncovered a previously unknown nation-state actor, named Harvester, that targeted telcos - Security Affairs
The Challenge of Regulatory Compliance for Critical Infrastructure - Security Boulevard
The CISO’s guide to evaluating third-party security platforms - Help Net Security
Trustwave released a free decryptor for the BlackByte ransomware - Security Affairs
Twitter accounts linked to cyberattacks against security researchers suspended - ZDNet
UK in Midst of $200m Crypto Fraud Epidemic - InfoSecurity Magazine
US Authorities Issue BlackMatter Ransomware Alert - InfoSecurity Magazine
VPN Provider's Misconfiguration Exposes One Million Users - InfoSecurity Magazine
WFH is here to stay: Five tactics to improve security for remote teams - Help Net Security

18/10
Acer Hacked, the Private Data of Millions of Clients Stolen - TechNadu
Acer hit with second cyberattack in less than a week, Taiwanese authorities notified - ZDNet
Analyzing and implementing a national zero trust architecture - Help Net Security
Atento Infectada por Malware - Felipe Payão (Twitter)
Attackers Weaponizing Zero-Days at Record Pace - Security Boulevard
BEC attacks: Scammers’ latest tricks - Help Net Security
BlackByte ransomware decryptor released - ZDNet
Credit card PINs can be guessed even when covering the ATM pad - Bleeping Computer
Cyber-Attack on US TV Broadcaster - InfoSecurity Magazine
Cyber risk trends driving the surge in ransomware incidents - Help Net Security
Cybersecurity Experts Warn of a Rise in Lyceum Hacker Group Activities in Tunisia - The Hacker News
Cybersecurity Risk’s “New Math” - Security Boulevard
DEF CON 29 ICS Village – Mert Can Kilic’s ‘Do We Really Want To Live In The Cyberpunk World’ - Security Boulevard
Espionage Group ‘Harvester’ Uses New Tools to Target South Asia and Focuses on Afghanistan - TechNadu
Europol Warns of Major EU Recovery Fund Fraud - InfoSecurity Magazine
Facebook diz que mais reportagens com documentos vazados devem ser publicadas em breve - G1 Tecnologia
FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks - Bleeping Computer
Fraud Victims Lose £9.3bn in Well-Being per Year - InfoSecurity Magazine
Gartner survey of CIOs highlights investments in AI, cloud and cybersecurity - ZDNet
Learning Framework For Detection of Novel Malware | Avast - Security Boulevard
Microsoft asks admins to patch PowerShell to fix WDAC bypass - Bleeping Computer
Most employees believe backing up company data is not their problem - Help Net Security
Over 30 Countries Pledge to Fight Ransomware Attacks in US-led Global Meeting - The Hacker News
Popular student monitoring software could have exposed thousands to hacks - Data Breaches Net
Prometheus endpoint unprotected installs could expose sensitive data - Security Affairs
Remote access security strategy under scrutiny as hybrid/remote working persists - Help Net Security
REvil ransomware operation shuts down once again - Security Affairs
Sinclair confirms ransomware attack after TV station disruptions - ZDNet
Sinclair TV Stations Disrupted After Possible Ransomware Attack - TechNadu
Sinclair TV stations downtime allegedly caused by a ransomware attack - Security Affairs
Sinclair TV stations crippled by weekend ransomware attack - Bleeping Computer
South Korea Wants Help to Arrest Alleged Cyber-Criminals - InfoSecurity Magazine
State-backed hackers breach telcos with custom malware - Bleeping Computer
Suspected Chinese hackers behind attacks on ten Israeli hospitals - Bleeping Computer
TeamTNT Deploys Malicious Docker Image On Docker Hub - Security Affairs
The importance of crisis management in the age of ransomware - Help Net Security
This new phishing attack features a weaponized Excel file - ZDNet
TikTok Serves Up Fresh Gamer Targets via Fake Among Us, Steam Offerings - Threatpost
Twitch: No Passwords Were Taken in Data Breach - InfoSecurity Magazine
Twitter Suspends Accounts Used to Snare Security Researchers - Threatpost
University still recovering from major cyberattack that disrupted IT systems - ZDNet
Update: Student and personnel files from Manhasset Union Free School District appear on the dark web - Data Breaches Net
US Treasury Tracks $5.2bn of Ransomware Transactions in Six Months - InfoSecurity Magazine
Why Database Patching Best Practice Just Doesn't Work and How to Fix It - The Hacker News

17/10
Acer data breach in India: Delighted hackers show-off users' accounts in public - Tech Hindu
Ad-blocker Chrome extension AllBlock injected ads in Google searches - HackRead
Cloud security is an ongoing struggle to keep sensitive data safe. Is it getting any easier? - HackRead
Former Microsoft Security Analyst Claims Office 365 Knowingly Hosted Malware For Years - Hothardware
From Fortnite to Fifa, online video game players warned of rise in fraud - The Guardian
Gmail and Outlook warning: Delete these emails now or pay a heavy price - Express
Google sent 50K warnings to targets of government-backed hackings - Business Standard
Hacking groups execute ransomware attacks worth $5.2 bn in Bitcoin - Infotech Lead