NEWS: Novembro (07/11 - 13/11) - 45 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!


13/11


Biden’s naivete about Russian cyber warfare puts America in danger - New York Post


Cyber Attack Halts Beer Production At Barcelona's Damm Brewery - The Olive Press


Data of Lister fertility clinic patients compromised in a ransomware attack - Teiss


Delete these 7 Android apps before it costs you big bucks; spot fake LinkedIn alerts - Phone Arena


Fake end-to-end encrypted chat app distributes Android spyware - Bleeping Computer


FBI system hacked to email 'urgent' warning about fake cyberattacks - Bleeping Computer


Gmail, Yahoo and Hotmail users warned they are at risk of new scam - The Northern Echo


Internet Explorer is still causing trouble, even from the grave - TechRadar Pro


Lidl scam warning: Britons urged to 'watch out' as fake email could put your money at risk - Express


More than 300 security bugs, including those from 2014, must be patched by all federal agencies in the United States. - Brinkwire


Netherlands Detains Russian Sought By U.S. Over 'Ryuk' Ransomware - Radio Free Europe


Phishing in Troubled Waters: How To Protect Yourself from Hacker Attacks? - RTD


Security and Compliance Risks Associated With the Merger and Acquisition Process - InfoSecurity Magazine


Small-town Japanese hospital struggling with 'disaster' after ransomware attack - The Mainichi


Surveillance firm pays $1 million fine after 'spy van' scandal - Bleeping Computer


Warning From Chief Of Defence Staff: Cyber Crime Increase By 500% In India; Stay Alert - Trak


12/11


As technology pervades, CIOs’ influence on business strategy grows - Help Net Security


Barracuda Networks Report Shows Spike in Bait Attacks - Security Boulevard


Booking.com was breached by a hacker with links to US intelligence services - Computing


Booking.com was reportedly hacked by a US intel agency but never told customers - ARS Technica


Costco customers complain of fraudulent charges before company confirms card skimming attack - ZDNet


Costco discloses data breach after finding credit card skimmer - Bleeping Computer


Critical RCE in Palo Alto Networks (PAN) firewalls revealed, patch ASAP! (CVE-2021-3064) - Help Net Security


Cyber attack 'paralyses' Estrella Damm brewery badly hitting beer production - Wales Online


Cyber attack turns off the taps at Barcelona's Damm brewery - Majorca Daily Bulletin


Cyber Attackers Hit Ohio Hospital, Library, TV Stations - Scioto County Daily News


Europol: Ransomware Gangs Focusing on High Profile Targets - InfoSecurity Magazine


FTC shares ransomware defense tips for small US businesses - Bleeping Computer


Fraudsters hack into IT agency CEO’s phone - The Hindu


Google warns hackers used macOS zero-day flaw, could capture keystrokes, screengrabs - ZDNet


Hackers Increasingly Using HTML Smuggling in Malware and Phishing Attacks - The Hacker News


Hospital nearly normal more than a month after attack - Daily Journal


Industrial cybersecurity market to reach $22.3 billion by 2026 - Help Net Security


Interpol Closes in on Global BEC Gang - InfoSecurity Magazine


iPhone Data Leak: Expert Reveals How 'Minecraft' Shares Your Data! - Itech Post


Karnataka Bitcoin scam: Arrested accused hacked Bitfinex exchange twice - ET Cio


Lack of resources and skills continues to challenge PKI deployment - Help Net Security


Leveraging social media background checks to balance friction and risk - Help Net Security


Major comics distributor regains access to its website following ransomware attack - Games Radar


Major Water Supplier Suffers Nine-Month Long Breach - InfoSecurity Magazine


Medical software firm urges password resets after ransomware attack - Intelligent CIO


Millions of Routers, IoT Devices at Risk from New Open-Source Malware - ThreatPost


Movistar suffers a cyber attack that exposes customer data - CVBJ


Pay-per-click fraud is costing top tech companies, and you, hundreds of millions of dollars - TechRepublic


Pentagon Set to Open Zero Trust Office in December - InfoSecurity Magazine


Ransomware experts question massive Pysa/Mespinoza victim dump - ZDNet


Researchers Discover 13 Medical Device Security Vulnerabilities - Health IT Security


Russians Who Bought Fake Vaccine Certificates Targeted in Data Leak – Kommersant - The Moscow Times


Security standards should be strengthened outside the federal government too - Help Net Security


Spanish Brewery “Paralyzed” by Cyber-Attack - InfoSecurity Magazine


The 5 Golden Rules of Cyber-War - InfoSecurity Magazine


This sneaky trick lets attackers smuggle malware onto your network - ZDNet


Top 10 Cybersecurity Best Practices to Combat Ransomware - ThreatPost


UK Funds Project to Teach Autistic Children Cybersecurity Skills - InfoSecurity Magazine


Vulnerable Web Applications Prevalent in EU Pharma Companies - InfoSecurity Magazine


Why younger people are at higher risk for falling for phishing attacks - Standard Examiner



11/11


12 notorious ransomware actors nabbed in major Europol-led operation - Teiss


Are you less capable of innovation or more vulnerable to threats than you thought? - Help Net Security


As the holiday season approaches, threats to supply chain, e-commerce and travel soar - Help Net Security


Back-to-Back PlayStation 5 Hacks Hit on the Same Day - ThreatPost


BotenaGo botnet targets millions of IoT devices with 33 exploits - Bleeping Computer


Careful: 'Smart TV remote' Android app on Google Play is malware - Bleeping Computer


City of Moline confirms it was victim of phishing scam in December - KWQC


Critical WordPress plugin vulnerability allowed wiping databases - HackRead


CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN - Security Affairs


DDoS attacks were a more serious threat in Q3 2021 than ever before - Help Net Security


EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms - Help Net Security


Flaw Exposing Data of 44 Million Indian Investors Patched - GovInfo Security


Gmail accounts are used in 91% of all baiting email attacks - Bleeping Computer


Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant - The Hacker News


Hackers undetected on Queensland water supplier server for 9 months - Bleeping Computer


Humanizing hackers: Entering the minds of those behind the attacks - Help Net Security


Iran's Lyceum Hackers Target Telecoms, ISPs in Israel, Saudi Arabia, and Africa - The Hacker News


Legal action against Sky Betting and Gaming being explored following data breach - Gambling Insider


Magniber ransomware gang now exploits Internet Explorer flaws in attacks - Bleeping Computer


Microsoft: New security updates trigger Windows Server auth issues - Bleeping Computer


Navigating The Threat Landscape 2021 – From Ransomware to Botnets - The Hacker News


New BazarBackdoor Attack Discovered - InfoSecurity Magazine


Phishing attacks grow 31.5% over 2020, social media attacks continue to climb - Help Net Security


Post-Graff Hacking, Ransomware Group Says It Won’t Leak Dictator Data - JCK Online


Ransomware Attack Hits UK Fertility Clinic - InfoSecurity Magazine


Ransomware attacks target German companies at the same time - EuraCTIV


Researchers Uncover Prolific Hacker-for-Hire Group - InfoSecurity Magazine


Robinhood crippled by trading outage two days after data breach - Finance Feeds


Scam PACs Allegedly Stole $3.5m from Trump Voters - InfoSecurity Magazine


Sophisticated Android spyware PhoneSpy infected thousands of Korean phones - Security Affairs


The world’s worst kept secret and the truth behind passwordless technology - Help Net Security


‘Thoughtless’ flaw on DFA website leaves thousands vulnerable to phishing attacks — cybersecurity expert - Business World


TrickBot Operators Partner with Shatak Attackers for Conti Ransomware - The Hacker News


US Firms Hit with Largest Ransoms Globally - InfoSecurity Magazine


Waikato DHB cyberattack: Board prewarned security was severely compromised - NZHerald



10/11


13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment - The Hacker News


14 New Security Flaws Found in BusyBox Linux Utility for Embedded Devices - The Hacker News


2022 Cybersecurity Predictions From RSA Conference’s Advisory Board - Security Boulevard


A stalker's wishlist: PhoneSpy malware destroys Android privacy - ZDNet


Anglers Redirected to Pornhub - InfoSecurity Magazine


As the move to the cloud accelerates, data privacy and security remain critical - Help Net Security


Businesses don't know how to manage VPN security properly - and cyber criminals are taking advantage - ZDNet


Class Action Against Google Blocked - InfoSecurity Magazine


Cybersecurity: This prolific hacker-for-hire operation has targeted thousands of victims around the world - ZDNet


Dallas Police Surveillance Footage Leaked - InfoSecurity Magazine


Dependency Combobulator: Open source toolkit to combat dependency confusion attacks - Help Net Security


Europol Practices Post-Terror Incident Response - InfoSecurity Magazine


Exchange Server bug: Patch now, but multi-factor authentication might not stop these attacks, warns Microsoft - ZDNet


Experts tout $2 billion in cybersecurity funding in Biden's infrastructure bill - ZDNet


Healthcare security: IT pros warn of vulnerable HVAC systems, imaging machines, check-in kiosks and more - ZDNet


How to Create a Safe and Democratic Digital Infrastructure - InfoSecurity Magazine


iPhone users don't care about sideloading - ZDNet


Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sites - Bleeping Computer


Lazarus hackers target researchers with trojanized IDA Pro - Bleeping Computer


Leveraging Behavioral Psychology to Improve Teamwork in Cybersecurity - InfoSecurity Magazine


Microsoft patches Excel zero-day used in attacks, asks Mac users to wait - Bleeping Computer


Microsoft: Patch Zoho Bug Now to Stop Chinese Hackers - InfoSecurity Magazine


Most CIOs and CISOs underestimate the risk of an OT breach - Help Net Security


Most cybersecurity leaders use microsegmentation to augment corporate network security - Help Net Security


New Android malware targets Netflix, Instagram, and Twitter users - Bleeping Computer


Organizations believe they are ready for ransomware attacks - Help Net Security


Over 80% of CNI Firms Have Been Breached in Past 36 Months - InfoSecurity Magazine


Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN - ZDNet


PhoneSpy: Android spyware campaign targeting South Korean users - Bleeping Computer


Ransomware is The New Terrorism, Contends Cyber Expert - InfoSecurity Magazine


Researchers Discover PhoneSpy Malware Spying on South Korean Citizens - The Hacker News


Researchers show that Apple’s CSAM scanning can be fooled easily - Bleeping Computer


Security Basics in a Hybrid Environment - Security Boulevard


The role of visibility and analytics in zero trust architectures - Help Net Security


These invisible characters could be hidden backdoors in your JS code - Bleeping Computer


TrickBot teams up with Shatak phishers for Conti ransomware attacks - Bleeping Computer


Utah legislature awards two universities with $5 million for cybersecurity and tech programs - Help Net Security


Void Balaur hackers-for-hire sell stolen mailboxes and private data - Bleeping Computer


Vulnerabilities associated with ransomware increased 4.5% in Q3 2021s - Help Net Security


Vulnerabilities in Nucleus NET TCP/IP stack could lead to real-world damage - Help Net Security


Zero Trust Protects Against Ransomware, Claims Engineer - InfoSecurity Magazine


Why XDR is a ‘Must Have’ for Organizations of Every Size - Security Boulevard



09/11


81% of Organizations Experienced Increased Cyber-Threats During COVID-19 - InfoSecurity Magazine


API sprawl: A threat you might want to address later, but you can’t ignore it - Help Net Security


Average ransomware payment for US victims more than $6 million, survey says - ZDNet


Banking malware threats are increasing sharply - Help Net Security


Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks - Bleeping Computer


Cloud adoption growing steadily, but cost and regulatory challenges remain - Help Net Security


DomainTools Acquires Farsight Security - InfoSecurity Magazine


EU Commission takes on challenge to improve the cybersecurity of wireless devices - Help Net Security


Euro Police Arrest Two More REvil Affiliates as US Issues Sanctions - InfoSecurity Magazine


Free Cybersecurity Training for SMBs - InfoSecurity Magazine


Iranian state hackers use upgraded malware in attacks on ISPs, telcos - Bleeping Computer


McAfee Sold to Investor Group for $14bn - InfoSecurity Magazine


Medical software firm urges password resets after ransomware attack - Bleeping Computer


Meet Lyceum: Iranian hackers targeting telecoms, ISPs - ZDNet


Micro-Segmentation Used by 83% of Cybersecurity Leaders - InfoSecurity Magazine


Microsoft: Chinese hackers are targeting Zoho ManageEngine software - ZDNet


Microsoft November 2021 Patch Tuesday: 55 bugs squashed, two under active exploit - ZDNet


Microsoft November 2021 Patch Tuesday fixes 6 zero-days, 55 flaws - Bleeping Computer


Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292) - Help Net Security


Microsoft urges Exchange admins to patch bug exploited in the wild - Bleeping Computer


Retail industry security incidents soaring, worsened by the supply chain crisis - Help Net Security


Robinhood Data Breach Hits Seven Million Customers - InfoSecurity Magazine


Robinhood Trading App Suffers Data Breach Exposing 7 Million Users' Information - The Hacker News


Rust-proofing the internet with ISRG's Prossimo - ZDNet


Singapore embraces Zero Trust: A prediction comes true - ZDNet


TeamTNT hackers target your poorly configured Docker servers - Bleeping Computer


The cyber insurance dilemma: The risks of a safety net - Help Net Security


These cybersecurity vulnerabilities could leave millions of connected medical devices open to attack - ZDNet


Tor Browser 11 removes V2 Onion URL support, adds new UI - Bleeping Computer


Unique Challenges to Cyber-Security in Healthcare and How to Address Them - The Hacker News


US to Charge Suspects Over Kaseya Ransomware Attack - InfoSecurity Magazine


Why are we still asking KBA questions to authenticate identity? - Help Net Security



08/11


$55M Stolen from Crypto Company - InfoSecurity Magazine


70% of Dev Teams Admit to Skipping Security Steps - Security Boulevard


80% of organizations experienced employees misusing and abusing access to business apps - Help Net Security


BlackBerry Uncovers Initial Access Broker Linked to 3 Distinct Hacker Groups - The Hacker News


Chinese Spy Faces Decades in Jail After Conviction - InfoSecurity Magazine


Criminal group dismantled after forcing victims to be money mules - Bleeping Computer


Critical Flaws in Philips TASY EMR Could Expose Patient Data - The Hacker News


DNS Hijacking: What You Need to Know - Security Boulevard


DOJ charges and sanctions REvil leaders behind Kaseya attack, seizes $6 million in ransoms - ZDNet


Experts Detail Malicious Code Dropped Using ManageEngine ADSelfService Exploit - The Hacker News


FBI warns of fraudulent schemes using cryptocurrency ATMs and QR for payments - Security Affairs


Google will kill Chrome sync support on Chrome 48 and earlier - Bleeping Computer


Healthcare – Patient or Perpetrator? – The Cybercriminals Within - Security Affairs


Hungarian official confirms Hungary used NSO Group Pegasus spyware - Security Affairs


Insurers Tap Cyber “Opportunity” as Rates Continue to Rise - InfoSecurity Magazine


Interpol Hunts for Remaining Clop Ransomware Members - InfoSecurity Magazine


Investor group acquires McAfee for more than $14 billion - ZDNet


MediaMarkt hit by Hive ransomware, initial $240 million ransom - Bleeping Computer


Mobile phishing exposure in the energy industry surged 161% in 2021 - Help Net Security


Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw - Security Affairs


Operation Cyclone targets Clop Ransomware affiliates - Security Affairs


Passport Scammers Spoof Texas HSI - InfoSecurity Magazine


Ransom Denied, Black Shadow Leaks Israeli Medical Data - Security Boulevard


Ransomware attack disrupted store operations in the Netherlands and Germany - Security Affairs


Ransomware: Suspected REvil ransomware affiliates arrested - ZDNet


REvil ransomware affiliates arrested in Romania and Kuwait - Bleeping Computer


Robinhood breach leaks information of 7 million people - ZDNet


Security teams need to become more proactive and risk-driven - Help Net Security


Sitecore XP RCE flaw patched last month now actively exploited - Bleeping Computer


Softbank plans to charge electronic gadgets using 5G antennas - Bleeping Computer


State hackers breach defense, energy, healthcare orgs worldwide - Bleeping Computer


Types of Penetration Testing - The Hacker News


UK Cyber Skills Shortage Rises by Over a Third - InfoSecurity Magazine


US sanctions Chatex cryptoexchange used by ransomware gangs - Bleeping Computer


US seizes $6 million from REvil ransomware, arrest Kaseya hackers - Bleeping Computer


Unseen gatekeepers: Industrial software providers’ role securing global infrastructure - Help Net Security


Younger generations care little about cybersecurity - Help Net Security


Why integrating SIEM tools is crucial to managing threats - Help Net Security



07/11


Attack on library system was attack on us all - The Blade


'Consumers need to be vigilant' - Black Friday scam warning issued as sales start early - Express


Credit Card Fraud Prevention: How to Protect Your Credit Card Online - UNB


Cybersecurity firms provide threat intel for Clop ransomware group arrests - ZDNet


Dangerous malicious code has just been discovered infecting smartphones, users must urgently remove these apps! - Tech Gaming Report


Data breach at CDSL's KYC arm exposed 4.39 cr investors' data twice within 10 days: CyberX9 - DEVDiscourse


Experts spotted a phishing campaign impersonating security firm Proofpoint - Security Affairs


Labor wants new anti-scam centre and code of practice for fighting against scams - ZDNet


Minecraft Players are under Attack, but it’s Not All Bad - Best Gaming Pro


Operation Cyclone deals blow to Clop ransomware operation - Bleeping Computer


The Dangers of Buying Fake Justin Bieber Tickets - Best Gaming Pro


Two NPM Packages With 22 Million Weekly Downloads Found Backdoored - The Hacker News




NEWS: Outubro - Novembro (31/10 - 06/11) - 44 Semana de 2021