NEWS: November (07/11 - 13/11) - Week 45 of 2021
Cyber Security and Information Security News - Daily Updates !!
13/11
Biden’s naivete about Russian cyber warfare puts America in danger - New York Post
Cyber Attack Halts Beer Production At Barcelona's Damm Brewery - The Olive Press
Data of Lister fertility clinic patients compromised in a ransomware attack - Teiss
Delete these 7 Android apps before it costs you big bucks; spot fake LinkedIn alerts - Phone Arena
Fake end-to-end encrypted chat app distributes Android spyware - Bleeping Computer
FBI system hacked to email 'urgent' warning about fake cyberattacks - Bleeping Computer
Gmail, Yahoo and Hotmail users warned they are at risk of new scam - The Northern Echo
Internet Explorer is still causing trouble, even from the grave - TechRadar Pro
Lidl scam warning: Britons urged to 'watch out' as fake email could put your money at risk - Express
More than 300 security bugs, including those from 2014, must be patched by all federal agencies in the United States. - Brinkwire
Netherlands Detains Russian Sought By U.S. Over 'Ryuk' Ransomware - Radio Free Europe
Phishing in Troubled Waters: How To Protect Yourself from Hacker Attacks? - RTD
Security and Compliance Risks Associated With the Merger and Acquisition Process - InfoSecurity Magazine
Small-town Japanese hospital struggling with 'disaster' after ransomware attack - The Mainichi
Surveillance firm pays $1 million fine after 'spy van' scandal - Bleeping Computer
Warning From Chief Of Defence Staff: Cyber Crime Increase By 500% In India; Stay Alert - Trak
12/11
As technology pervades, CIOs’ influence on business strategy grows - Help Net Security
Barracuda Networks Report Shows Spike in Bait Attacks - Security Boulevard
Booking.com was breached by a hacker with links to US intelligence services - Computing
Booking.com was reportedly hacked by a US intel agency but never told customers - Ars Technica
Costco customers complain of fraudulent charges before company confirms card skimming attack - ZDNet
Costco discloses data breach after finding credit card skimmer - Bleeping Computer
Critical RCE in Palo Alto Networks (PAN) firewalls revealed, patch ASAP! (CVE-2021-3064) - Help Net Security
Cyber attack 'paralyses' Estrella Damm brewery badly hitting beer production - Wales Online
Cyber attack turns off the taps at Barcelona's Damm brewery - Majorca Daily Bulletin
Cyber Attackers Hit Ohio Hospital, Library, TV Stations - Scioto County Daily News
Europol: Ransomware Gangs Focusing on High Profile Targets - InfoSecurity Magazine
FTC shares ransomware defense tips for small US businesses - Bleeping Computer
Fraudsters hack into IT agency CEO’s phone - The Hindu
Google warns hackers used macOS zero-day flaw, could capture keystrokes, screengrabs - ZDNet
Hackers Increasingly Using HTML Smuggling in Malware and Phishing Attacks - The Hacker News
Hospital nearly normal more than a month after attack - Daily Journal
Industrial cybersecurity market to reach $22.3 billion by 2026 - Help Net Security
Interpol Closes in on Global BEC Gang - InfoSecurity Magazine
iPhone Data Leak: Expert Reveals How 'Minecraft' Shares Your Data! - Itech Post
Karnataka Bitcoin scam: Arrested accused hacked Bitfinex exchange twice - ET Cio
Lack of resources and skills continues to challenge PKI deployment - Help Net Security
Leveraging social media background checks to balance friction and risk - Help Net Security
Major comics distributor regains access to its website following ransomware attack - Games Radar
Major Water Supplier Suffers Nine-Month Long Breach - InfoSecurity Magazine
Medical software firm urges password resets after ransomware attack - Intelligent CIO
Millions of Routers, IoT Devices at Risk from New Open-Source Malware - ThreatPost
Movistar suffers a cyber attack that exposes customer data - CVBJ
Pay-per-click fraud is costing top tech companies, and you, hundreds of millions of dollars - TechRepublic
Pentagon Set to Open Zero Trust Office in December - InfoSecurity Magazine
Ransomware experts question massive Pysa/Mespinoza victim dump - ZDNet
Researchers Discover 13 Medical Device Security Vulnerabilities - Health IT Security
Russians Who Bought Fake Vaccine Certificates Targeted in Data Leak – Kommersant - The Moscow Times
Security standards should be strengthened outside the federal government too - Help Net Security
Spanish Brewery “Paralyzed” by Cyber-Attack - InfoSecurity Magazine
The 5 Golden Rules of Cyber-War - InfoSecurity Magazine
This sneaky trick lets attackers smuggle malware onto your network - ZDNet
Top 10 Cybersecurity Best Practices to Combat Ransomware - ThreatPost
UK Funds Project to Teach Autistic Children Cybersecurity Skills - InfoSecurity Magazine
Vulnerable Web Applications Prevalent in EU Pharma Companies - InfoSecurity Magazine
Why younger people are at higher risk for falling for phishing attacks - Standard Examiner
11/11
12 notorious ransomware actors nabbed in major Europol-led operation - Teiss
Are you less capable of innovation or more vulnerable to threats than you thought? - Help Net Security
As the holiday season approaches, threats to supply chain, e-commerce and travel soar - Help Net Security
Back-to-Back PlayStation 5 Hacks Hit on the Same Day - ThreatPost
BotenaGo botnet targets millions of IoT devices with 33 exploits - Bleeping Computer
Careful: 'Smart TV remote' Android app on Google Play is malware - Bleeping Computer
City of Moline confirms it was victim of phishing scam in December - KWQC
Critical WordPress plugin vulnerability allowed wiping databases - HackRead
CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN - Security Affairs
DDoS attacks were a more serious threat in Q3 2021 than ever before - Help Net Security
EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms - Help Net Security
Flaw Exposing Data of 44 Million Indian Investors Patched - GovInfo Security
Gmail accounts are used in 91% of all baiting email attacks - Bleeping Computer
Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant - The Hacker News
Hackers undetected on Queensland water supplier server for 9 months - Bleeping Computer
Humanizing hackers: Entering the minds of those behind the attacks - Help Net Security
Iran's Lyceum Hackers Target Telecoms, ISPs in Israel, Saudi Arabia, and Africa - The Hacker News
Legal action against Sky Betting and Gaming being explored following data breach - Gambling Insider
Magniber ransomware gang now exploits Internet Explorer flaws in attacks - Bleeping Computer
Microsoft: New security updates trigger Windows Server auth issues - Bleeping Computer
Navigating The Threat Landscape 2021 – From Ransomware to Botnets - The Hacker News
New BazarBackdoor Attack Discovered - InfoSecurity Magazine
Phishing attacks grow 31.5% over 2020, social media attacks continue to climb - Help Net Security
Post-Graff Hacking, Ransomware Group Says It Won’t Leak Dictator Data - JCK Online
Ransomware Attack Hits UK Fertility Clinic - InfoSecurity Magazine
Ransomware attacks target German companies at the same time - EURACTIV
Researchers Uncover Prolific Hacker-for-Hire Group - InfoSecurity Magazine
Robinhood crippled by trading outage two days after data breach - Finance Feeds
Scam PACs Allegedly Stole $3.5m from Trump Voters - InfoSecurity Magazine
Sophisticated Android spyware PhoneSpy infected thousands of Korean phones - Security Affairs
The world’s worst kept secret and the truth behind passwordless technology - Help Net Security
‘Thoughtless’ flaw on DFA website leaves thousands vulnerable to phishing attacks — cybersecurity expert - Business World
TrickBot Operators Partner with Shatak Attackers for Conti Ransomware - The Hacker News
US Firms Hit with Largest Ransoms Globally - InfoSecurity Magazine
Waikato DHB cyberattack: Board prewarned security was severely compromised - NZHerald
10/11
13 New Flaws in Siemens Nucleus TCP/IP Stack Impact Safety-Critical Equipment - The Hacker News
14 New Security Flaws Found in BusyBox Linux Utility for Embedded Devices - The Hacker News
2022 Cybersecurity Predictions From RSA Conference’s Advisory Board - Security Boulevard
A stalker's wishlist: PhoneSpy malware destroys Android privacy - ZDNet
Anglers Redirected to Pornhub - InfoSecurity Magazine
As the move to the cloud accelerates, data privacy and security remain critical - Help Net Security
Businesses don't know how to manage VPN security properly - and cyber criminals are taking advantage - ZDNet
Class Action Against Google Blocked - InfoSecurity Magazine
Dallas Police Surveillance Footage Leaked - InfoSecurity Magazine
Dependency Combobulator: Open source toolkit to combat dependency confusion attacks - Help Net Security
Europol Practices Post-Terror Incident Response - InfoSecurity Magazine
Experts tout $2 billion in cybersecurity funding in Biden's infrastructure bill - ZDNet
How to Create a Safe and Democratic Digital Infrastructure - InfoSecurity Magazine
iPhone users don't care about sideloading - ZDNet
Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sites - Bleeping Computer
Lazarus hackers target researchers with trojanized IDA Pro - Bleeping Computer
Leveraging Behavioral Psychology to Improve Teamwork in Cybersecurity - InfoSecurity Magazine
Microsoft patches Excel zero-day used in attacks, asks Mac users to wait - Bleeping Computer
Microsoft: Patch Zoho Bug Now to Stop Chinese Hackers - InfoSecurity Magazine
Most CIOs and CISOs underestimate the risk of an OT breach - Help Net Security
Most cybersecurity leaders use microsegmentation to augment corporate network security - Help Net Security
New Android malware targets Netflix, Instagram, and Twitter users - Bleeping Computer
Organizations believe they are ready for ransomware attacks - Help Net Security
Over 80% of CNI Firms Have Been Breached in Past 36 Months - InfoSecurity Magazine
Palo Alto Networks patches zero-day affecting firewalls using GlobalProtect Portal VPN - ZDNet
PhoneSpy: Android spyware campaign targeting South Korean users - Bleeping Computer
Ransomware is The New Terrorism, Contends Cyber Expert - InfoSecurity Magazine
Researchers Discover PhoneSpy Malware Spying on South Korean Citizens - The Hacker News
Researchers show that Apple’s CSAM scanning can be fooled easily - Bleeping Computer
Security Basics in a Hybrid Environment - Security Boulevard
The role of visibility and analytics in zero trust architectures - Help Net Security
These invisible characters could be hidden backdoors in your JS code - Bleeping Computer
TrickBot teams up with Shatak phishers for Conti ransomware attacks - Bleeping Computer
Utah legislature awards two universities with $5 million for cybersecurity and tech programs - Help Net Security
Void Balaur hackers-for-hire sell stolen mailboxes and private data - Bleeping Computer
Vulnerabilities associated with ransomware increased 4.5% in Q3 2021 - Help Net Security
Vulnerabilities in Nucleus NET TCP/IP stack could lead to real-world damage - Help Net Security
Zero Trust Protects Against Ransomware, Claims Engineer - InfoSecurity Magazine
Why XDR is a ‘Must Have’ for Organizations of Every Size - Security Boulevard
09/11
81% of Organizations Experienced Increased Cyber-Threats During COVID-19 - InfoSecurity Magazine
API sprawl: A threat you might want to address later, but you can’t ignore it - Help Net Security
Average ransomware payment for US victims more than $6 million, survey says - ZDNet
Banking malware threats are increasing sharply - Help Net Security
Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks - Bleeping Computer
Cloud adoption growing steadily, but cost and regulatory challenges remain - Help Net Security
DomainTools Acquires Farsight Security - InfoSecurity Magazine
EU Commission takes on challenge to improve the cybersecurity of wireless devices - Help Net Security
Euro Police Arrest Two More REvil Affiliates as US Issues Sanctions - InfoSecurity Magazine
Free Cybersecurity Training for SMBs - InfoSecurity Magazine
Iranian state hackers use upgraded malware in attacks on ISPs, telcos - Bleeping Computer
McAfee Sold to Investor Group for $14bn - InfoSecurity Magazine
Medical software firm urges password resets after ransomware attack - Bleeping Computer
Meet Lyceum: Iranian hackers targeting telecoms, ISPs - ZDNet
Micro-Segmentation Used by 83% of Cybersecurity Leaders - InfoSecurity Magazine
Microsoft: Chinese hackers are targeting Zoho ManageEngine software - ZDNet
Microsoft November 2021 Patch Tuesday: 55 bugs squashed, two under active exploit - ZDNet
Microsoft November 2021 Patch Tuesday fixes 6 zero-days, 55 flaws - Bleeping Computer
Microsoft patches actively exploited Exchange, Excel zero-days (CVE-2021-42321, CVE-2021-42292) - Help Net Security
Microsoft urges Exchange admins to patch bug exploited in the wild - Bleeping Computer
Retail industry security incidents soaring, worsened by the supply chain crisis - Help Net Security
Robinhood Data Breach Hits Seven Million Customers - InfoSecurity Magazine
Robinhood Trading App Suffers Data Breach Exposing 7 Million Users' Information - The Hacker News
Rust-proofing the internet with ISRG's Prossimo - ZDNet
Singapore embraces Zero Trust: A prediction comes true - ZDNet
TeamTNT hackers target your poorly configured Docker servers - Bleeping Computer
The cyber insurance dilemma: The risks of a safety net - Help Net Security
These cybersecurity vulnerabilities could leave millions of connected medical devices open to attack - ZDNet
Tor Browser 11 removes V2 Onion URL support, adds new UI - Bleeping Computer
Unique Challenges to Cyber-Security in Healthcare and How to Address Them - The Hacker News
US to Charge Suspects Over Kaseya Ransomware Attack - InfoSecurity Magazine
Why are we still asking KBA questions to authenticate identity? - Help Net Security
08/11
$55M Stolen from Crypto Company - InfoSecurity Magazine
70% of Dev Teams Admit to Skipping Security Steps - Security Boulevard
80% of organizations experienced employees misusing and abusing access to business apps - Help Net Security
BlackBerry Uncovers Initial Access Broker Linked to 3 Distinct Hacker Groups - The Hacker News
Chinese Spy Faces Decades in Jail After Conviction - InfoSecurity Magazine
Criminal group dismantled after forcing victims to be money mules - Bleeping Computer
Critical Flaws in Philips TASY EMR Could Expose Patient Data - The Hacker News
DNS Hijacking: What You Need to Know - Security Boulevard
DOJ charges and sanctions REvil leaders behind Kaseya attack, seizes $6 million in ransoms - ZDNet
Experts Detail Malicious Code Dropped Using ManageEngine ADSelfService Exploit - The Hacker News
FBI warns of fraudulent schemes using cryptocurrency ATMs and QR for payments - Security Affairs
Google will kill Chrome sync support on Chrome 48 and earlier - Bleeping Computer
Healthcare – Patient or Perpetrator? – The Cybercriminals Within - Security Affairs
Hungarian official confirms Hungary used NSO Group Pegasus spyware - Security Affairs
Insurers Tap Cyber “Opportunity” as Rates Continue to Rise - InfoSecurity Magazine
Interpol Hunts for Remaining Clop Ransomware Members - InfoSecurity Magazine
Investor group acquires McAfee for more than $14 billion - ZDNet
MediaMarkt hit by Hive ransomware, initial $240 million ransom - Bleeping Computer
Mobile phishing exposure in the energy industry surged 161% in 2021 - Help Net Security
Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw - Security Affairs