NEWS: Outubro - Novembro (31/10 - 06/11) - 44 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!!
06/11
Amazon Black Friday Scam: Fake Email Can Steal Your Credit Card Details, Here's How to Prevent It - ITechPost
CDNetworks Releases State of the Web Security for 2020: Web Application Attacks Surged 740% - AIThority
Debit Card Fraud: A Growing Issue in Financial Services - FinTech
Decentralization may be key to protecting our digital identities - Venture Beat
DeFi protocol bZx falls victim to phishing attack, around $55 million lost - AMBCrypto
Electronic Warfare Associates (EWA) Data Breach: Email Phishing Incident Details - MSSP Alert
Google Ads Becomes Latest Platform Used to Steal Crypto in $500,000 Phishing Attacks - be[in]crypto
HDFC Bank warns customers of cyber fraud; Here’s how to avoid loss of money - Zee News
Inertia is the enemy of cybersecurity - The Hill
Minecraft gamers being targeted by Chaos ransomware in Japan - The Digital Hacker
Moline paid $421,000 to scammers a year ago, but city officials kept it quiet [Quad City Times, Davenport, Iowa] - Insurance News Net
Phishing Is an Insider Risk - It's Time to Tackle It Like One - InfoSecurity Magazine
Proofpoint unearths the use of Squid Game as lure by TA575 to distribute Dridex malware - ITP Net
Ransomware Attack on a Florida Lab - The Digital Hacker
The State of Education Cybersecurity: 3 Lessons for Protecting the Post-Covid Classroom - Elearning Inside
05/11
1.8 TB of Police Helicopter Surveillance Footage Leaks Online - Wired
77% of rootkits are used for espionage purposes - Help Net Security
2021’s 6 Nastiest Malware—and How to Avoid Their Wrath - Channel Futures
Blocked DDoS events up 75% in the first nine months of 2021 - Help Net Security
Crooks Commandeer Sam's Club Name to Send Scam Emails - AARP
Facial Recognition Firm Could Be Ordered to "Close" in UK, Warn Experts - InfoSecurity Magazine
FBI is involved in probe of 'security incident' at Martin County Tax Collector's Office - TC Palm
Fragmented approach to identity security management creates risk - Help Net Security
Google Ads for Faux Crypto Wallets Net Scammers At Least $500K - Threatpost
Monterey County told of data breach more than a month afterward - Monterey Herald
Native Tribal Casinos Taking Millions in Ransomware Losses - Threatpost
ONS Reports Huge Spike in Cybercrime and Fraud During COVID-19 - InfoSecurity Magazine
Organizations seldom prioritize cybersecurity over business outcomes - Help Net Security
Philips healthcare infomatics solution vulnerable to SQL injection - Bleeping Computer
Ransom Denied, Black Shadow Leaks Israeli Medical Data - Security Boulevard
Ransomware Attack on Lab in Florida - InfoSecurity Magazine
Reward! Uncle Sam promises $10m for info about DarkSide ransomware gang chiefs - The Register
Social Engineering News: Vishing - Social Engineering
Software development: Why security and constant vigilance are everyone’s responsibilities - Help Net Security
SSL certificate research highlights pitfalls for company data, competition - ZDNet
Students react to Twitch data breach - The Cougar
The IoT is getting a lot bigger, but security is still getting left behind - ZDNet
Twitter hacker charged in sim swapping, cryptocurrency scheme - HackRead
Twitter joins backlash against Australian plan to ID social media users - ZDNet
Ukraine Unmasks Armageddon Group as FSB Officers - InfoSecurity Magazine
U.S. Federal Agencies Ordered to Patch Hundreds of Actively Exploited Flaws - The Hacker News
U.S. Offers $10 Million Reward for Information on DarkSide Ransomware Group - The Hacker News
US Offers $10m Reward to Unmask DarkSide Leaders - InfoSecurity Magazine
04/11
CERT-FR warns of Lockean ransomware attacks against French companies - Security Affairs
CISA shares a catalog of 306 actively exploited vulnerabilities - Security Affairs
Cisco fixes hard-coded credentials and default SSH key issues - Bleeping Computer
Consumers Warned About Rise in Call Center Threats - InfoSecurity Magazine
Critical RCE Vulnerability Reported in Linux Kernel's TIPC Module - The Hacker News
Crypto investors lose $500,000 to Google Ads pushing fake wallets - Bleeping Computer
Cyber Attack Knocks Ohio County Library Computers Offline - Data Breaches Net
Domaining.com reports security incident - Data Breaches Net
Don’t Get ‘Shawshanked’ by DNS Tunneling - Security Boulevard
Hacker allegedly involved in 2020 Twitter hack charged with theft of $784K in crypto - Security Affairs
Hackers gained access to mySA Gov accounts, including licence and rego details - ZDNet
How to ease password pains while maintaining security - Help Net Security
iFood: restaurantes afetados pedem que empresa cubra prejuízo - Tecmundo
Iranian Hacking Group Leaks Patient and LGBTQ Info - InfoSecurity Magazine
Lockean multi-ransomware affiliates linked to attacks on French orgs - Bleeping Computer
Microsoft Exchange ProxyShell exploits used to deploy Babuk ransomware - Bleeping Computer
NSO Group Blacklisted by US for Trade in Spyware - InfoSecurity Magazine
O que é Privacidade e como trabalhar na área - Tecmundo
Organizations can save $1.9 million using workforce passwordless authentication - Help Net Security
Our journey to API security at Raiffeisen Bank International - The Hacker News
Remote code execution flaw patched in Linux Kernel TIPC module - ZDNet
Samsung Galaxy S21 hacked on second day of Pwn2Own Austin - Bleeping Computer
Supply Chain at Risk: Brokers Sell Access to Shipping, Logistics Companies - Security Boulevard
Surge in cyber attacks confirms the need for zero trust security - Help Net Security
Tens of thousands unpatched GitLab servers under attack via CVE-2021-22205 - Help Net Security
The ultimate SaaS Security Posture Management (SSPM) checklist - Help Net Security
Threat Actor Claims 'Groove' Ransomware Gang Was Hoax - InfoSecurity Magazine
Top 10 ways attackers are increasing pressure on their ransomware victims to pay - Help Net Security
Ukraine links members of Gamaredon hacker group to Russian FSB - Bleeping Computer
US Blocks Trade with ‘Legal’ Pegasus Spyware Firm, NSO - Security Boulevard
US indicts UK resident 'PlugwalkJoe' for cryptocurrency theft - ZDNet
03/11
A ransomware reality check for CISOs - Help Net Security
Actors Bait Discord Users With Free Nitro Version to Phish Steam User Credentials - TechNadu
Actors Invade Harvard Website Using Fake Student Identities for Scamming - TechNadu
Alleged Twitter hacker charged with theft of $784K in crypto via SIM swaps - Bleeping Computer
Arrests were made, but the Mekotio Trojan lives on - ZDNet
Beware: Free Discord Nitro phishing targets Steam gamers - Bleeping Computer
BlackMatter ransomware claims to be shutting down due to police pressure - Bleeping Computer
BlackMatter ransomware gang is shutting down due to pressure from law enforcement - Security Affairs
BlackMatter Ransomware Reportedly Shutting Down; Latest Analysis Released - The Hacker News
BlackMatter ransomware to shut down, affiliates transferring victims to LockBit - ZDNet
Brazilians resign to remote work monitoring - ZDNet
CISA orders federal agencies to fix hundreds of exploited security flaws - Bleeping Computer
Clearview AI slammed for breaching Australians' privacy on numerous fronts - ZDNet
Cybercrime underground flooded with offers for initial access to shipping and logistics orgs - Security Affairs
Cyber-Incident Impacts UK Labour Partye - InfoSecurity Magazine
Einstein’s Wormhole Exposes Salesforce Calendars to Potential Hackers - TechNadu
Facebook to Shut Down Facial Recognition System and Delete Billions of Records - The Hacker News
Google fixes actively exploited Zero-Day Kernel flaw in Android - Security Affairs
Google signs deal with US Air Force, announces FedRAMP High and IL4 authorizations - ZDNet
Holiday Shopping Disruption Beckons as Retail Bot Attacks Surge 13% - InfoSecurity Magazine
How the rise in identity crimes and cyberattacks impacts small businesses - Help Net Security
iFood confirma que ataque foi realizado por funcionário - TecMundo
(IN)SECURE Magazine issue 70 released - Help Net Security
Mapping ATT&CK techniques to CVEs should make risk assessment easier - Help Net Security
Medical school exposes personal data of thousands of students - ZDNet
Mekotio Banking Trojan Resurfaces with New Attacking and Stealth Techniques - The Hacker News
Microsoft: Windows 11 built-in apps might not open on some systems - Bleeping Computer
Only 2% of IT practitioners are confident in their organization’s ability to reduce API security issues - Help Net Security
Proven third-party risk management strategies - Help Net Security
Ransomware attacks increased 148% in Q3 2021, showing no sign of slowing - Help Net Security
Restaurantes têm nomes alterados no iFood por mensagens de apoio a Bolsonaro e contra vacina - G1 Tecnologia
Revealed: The 10 worst hardware security flaws in 2021 - ZDNet
Rooting malware discovered on Google Play, Samsung Galaxy Store - Help Net Security
Student Loans Company Dismissals Highlight Insider Risk - InfoSecurity Magazine
US Sanctions Pegasus-maker NSO Group and 3 Others For Selling Spyware - The Hacker News
While businesses are ramping up their risk mitigation efforts, they could be doing more - Help Net Security
02/11
24-year-old arrested after renting 300 bank accounts to the phishing capital of India - The Economic Times
Active Directory control: How adversaries score even bigger goals via attack paths - Help Net Security
Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild - The Hacker News
Android November patch fixes actively exploited kernel bug - Bleeping Computer
Annual Cost of Child Identity Fraud Almost $1Bn - InfoSecurity Magazine
Beyond ransomware: why ILS capacity will be important to cyber risk - Intelligent Insurer
Canada’s Newfoundland and Labrador Healthcare Possibly Hit by Cyberattack - TechNadu
Cybercriminals sell access to international shipping, logistics giants - ZDNet
Data breach at US physical therapy center impacts more than 6,500 patients - The Daily Swig
'Facebook papers': quais são as acusações contra a gigante da tecnologia - G1 Tecnologia
Facebook vai desativar sistema de reconhecimento facial - G1 Tecnologia
FIN12 Ransomware: Why It’s a Healthcare Threat, How to Prevent an Attack - Health IT Security
Google to Pay Hackers $31,337 for Exploiting Patched Linux Kernel Flaws - The Hacker News
Hackers Deploy ELF on Windows Loaders to Exploit WSL Features - TechNadu
How to Best Protect Your Money From Hackers as Crypto Markets Boom - Beincrypto
iFood hackeado? Nomes de restaurantes alterados por ataques políticos - TecMundo
International Police Operation Targets High Profile Ransomware Attackers - Digit
Lazarus takes aim at defense industry - IT-Online
‘Minecraft’ stolen account list is actually ransomware that attacks cheaters - NME
Most Computer Code Compilers Vulnerable to Novel Attacks - InfoSecurity Magazine
New malware lures fake Chrome update to attack Windows PCs - HackRead
Over 30,000 GitLab servers still unpatched against critical bug - Bleeping Computer
Ransomware fears drive Aussie IT security spending towards $4.6B - ARN
Ransomware Readiness: PCI DSS Compliance And A Sound Backup Recovery Strategy - Forbes
Supply chain cyber attacks expected to increase in 2022 - Continuity Central
Take a survey, spam your friends, download fleeceware - Avast
The Future of Cybersecurity Isn’t What We Expected - Javvad Malik
Toronto subways hit by ransomware as US lawmakers slam 'burdensome' cybersecurity rules - ZDNet
What Is LemonDuck? Cross-Platform Mining Malware That Affects Windows and Linux - Make Use Of
01/11
500 Million Attempted Ransomware Attacks (So Far) In 2021 - MSSP Alert
Atento: dados publicados pelo ransomware Lockbit 2.0 - CISO Advisor
Art Basel's parent company MCH Group warns of possible data breach after criminal cyber attack - The Art Newspaper
Black Shadow Leak Data Hacked From Israeli LGBTQ Platform - TechNadu
BlackShadow hackers breach Israeli hosting firm and extort customers - Bleeping Computer
California Health Network Reports Data Breach - InfoSecurity Magazine
Canadian province health care system disrupted by cyberattack - Bleeping Computer
Celebrity data leaked after ransomware attack on London's Graff jewellers - ITPro
Chaos Ransomware Variant Targets Japanese Minecraft Gamers - TechNadu
China's personal data protection law kicks in today - ZDNet
Conti Group Leak Celebs' Data After Ransom Attack on Jeweller - InfoSecurity Magazine
Critical Flaws Uncovered in Pentaho Business Analytics Software - The Hacker News
Cyber-Incident at South Carolina School District - InfoSecurity Magazine
Europol Ransomware Attack: Company Seizes Over $52,000, 5 Luxury Vehicles From 12 Suspects Who Launched Global Attack - Tech Times
Financial services need to prioritize API security to protect their customers - Help Net Security
Hive ransomware group extends to cloud-based Linux variants - SC Media
Kaspersky's stolen Amazon SES token used in Office 365 phishing - Bleeping Computer
List of data breaches and cyber attacks in October 2021 – 51.2 million records breached - IT Governance
Martin County Tax Collector 'likely' hacked by BlackByte ransomware - TCPalm
Microsoft: This macOS flaw could have let attackers install undetectable malware - ZDNet
Multi-layered security is like a strong NFL defense - Techwire
New Zealand Cybersecurity Company Helps Squelch BlackMatter Ransomware Scheme - TechZone 360
Only 31% of employees are trained against ransomware attacks - Venturebeat
Possible cyberattack hits 'brain' of N.L. health-care system, delaying thousands of appointments - CBC News
Ransomware attack targets Las Vegas Cancer Center patients' personal information - KTNV Las Vegas
Researchers Uncover 'Pink' Botnet Malware That Infected Over 1.6 Million Devices - The Hacker News
This sneaky trick could allow attackers to hide 'invisible' vulnerabilities in code - ZDNet
Trojan Source attack lets hackers exploit source code - HackRead
Universities and colleges see ransomware as biggest cyber threat - UK Authority
Wheel-Trans users express frustrations as ransomware attack leaves them unable to book new rides - CP24
31/01
12 Men Linked to Various Ransomware Operations Arrested - Tech Dator
A predictive cybersecurity diagnosis for healthcare - Healthcare
Cybercrime 101: What You Don't Know Can Hurt The Most - Tribune
Graff multinational jeweller hit by Conti gang. Data of its rich clients are at risk, including Trump and Beckham - Security Affairs
Microsoft warns of rise in password sprays targeting cloud accounts - Bleeping Computer
National Bank of Pakistan gets hit by cyberattack, reports no financial loss or data breach - Wion
Ransomware: German authorities allegedly identify a member of the REvil group - Market Research Telecast