NEWS: Outubro (03/10 - 09/10) - 40 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!!

09/10
1.5 Billion Facebook Users’ Personal Information Allegedly Posted for Sale - Honest News Reporter
5 subtle clues that email is really a clever phishing scam - Kim Komando
90% of AWS S3 Buckets Are Vulnerable to Ransomware - WebProNews
Academic Records At Harvard-Westlake School Breached - Canyon News
Bank of America insider charged with money laundering for BEC scams - Bleeping Computer
Chinese Hackers Target Political Issues, Universities In Taiwan, Hong Kong: Report - Republic World
Cryptocurrency Could Prevent Hacking Of Autonomous Vehicles - CarBuzz
Macquarie Health Corporation hit by Windows Hive ransomware - IT Wire
Tech and Humans Defend Your Startup Against Ransomware - Grit Daily
Twitch data breach: Everything you need to know - Slash Gear
WeChat Found Scanning User Photos in the Background as a Routine - TechNadu
Weir sees shares fall after cyber attack revealed - The Herald Scotland

08/10
Apache rolled out a new update in a few days to fix incomplete patch for an actively exploited flaw - Security Affairs
BrewDog exposed data for over 200,000 shareholders and customers - Bleeping Computer
BrewDog exposed data of 200,000 shareholders for over a year - ZDNet
Cloudflare Not Liable for Its Users’ Copyright Infringement, Court Rules - TechNadu
Engineering giant Weir Group hit by ransomware attack - Bleeping Computer
Google announces new efforts to protect journalists and high-risk users from cyberattacks - ZDNet
Google warns of APT28 attack attempts against 14,000 Gmail users - Security Affairs
Microsoft: Russia Dominates State-Sponsored Attacks - InfoSecurity Magazine
Microsoft: Russian state hackers behind 53% of attacks on US govt agencies - Bleeping Computer
Mozilla upgrades older Thunderbird clients to the latest version - Bleeping Computer
NatWest Pleads Guilty in £400m Money Laundering Case - InfoSecurity Magazine
Patch management complexity increased by remote work is putting organizations at risk - ZDNet
Ransomware: Cyber criminals are still exploiting these old vulnerabilities, so patch now - ZDNet
Ransomware Group FIN12 Aggressively Going After Healthcare Targets - The Hacker News
Researchers Warn of FontOnLake Rootkit Malware Targeting Linux Systems - The Hacker News
Russia poses the biggest nation-state cyber threat, says Microsoft - ZDNet
Singapore tweaks cybersecurity strategy with OT emphasis - ZDNet
The Netherlands declares war on ransomware operations - Security Affairs
UK Firms Hit by One Attack Every 47 Seconds Over Summer - InfoSecurity Magazine
Virtual collaboration technology issues plaguing the hybrid workforce - ZDNet

07/10
Apple now requires all apps to make it easy for users to delete their accounts - The Hacker News
Cybersecurity best practices lagging, despite people being aware of the risks - Help Net Security
Data Breach Volumes for 2021 Already Exceed 2020 Total - InfoSecurity Magazine
DTA certifies four cloud providers to store sensitive government data - ZDNet
Electronic warfare: The critical capability of dominating the electromagnetic spectrum - Help Net Security
Finding the right mix: Leveraging policy and incentives to improve healthcare cybersecurity - Help Net Security
Former Kent police officer sentenced for downloading child sex abuse material - ZDNet
Fraudulent robocalls to cost consumers $40 billion in 2022 - Help Net Security
Google warns 14,000 Gmail users targeted by Russian hackers - Bleeping Computer
Infosec Experts: Twitch Breach “As Bad as it Gets” - InfoSecurity Magazine
Marketing, Aerospace, and IT Pros Struggle with Passwords - Security Boulevard
New Security Challenges Require New Mindset - Security Boulevard
New U.S. Government Initiative Holds Contractors Accountable for Cybersecurity - The Hacker News
Operation GhostShell: MalKamak APT targets aerospace and telco firms - Security Affairs
Organizations putting security and compliance at the forefront to strengthen trust perceptions - Help Net Security
Patching Too Tortuous for IT Pros - InfoSecurity Magazine
Penetration Testing Your AWS Environment - A CTO's Guide - The Hacker News
Police Crack Multimillion-Dollar Real Estate Fraud Gang - InfoSecurity Magazine
Smishing on the Rise - InfoSecurity Magazine
Twitch data breach updates: login credentials or card numbers not exposed - Security Affairs
Twitch: No credentials or card numbers exposed in data breach - Bleeping Computer
Which technologies can help legal and compliance teams navigate a changing landscape of risk? - Help Net Security
Why The Biggest Cyberattacks Happen Slowly - Security Boulevard

06/10
91.5% of malware arrived over encrypted connections during Q2 2021 - Help Net Security
A company spotted a security breach. Then investigators found this new mysterious malware - ZDNet
Asean champions regional efforts in cybersecurity, urges international participation - ZDNet
ATO attacks increased 307% between 2019 and 2021 - Help Net Security
Atom Silo Uses DLL Side-Loading to Deploy Ransomware - Information Security
Becoming a new chief information security officer today: The steps for success - ZDNet
Critical infrastructure IoT security: Going back to basics - Help Net Security
DEF CON 29 Biohacking Village – Pia Zaragoza’s & Joel Isaac’s ‘HC Innovation With People Of All Abilities’ - Security Boulevard
Digital key builds on past practices to create a more secure future - Help Net Security
European Parliament calls for ban on AI-powered mass surveillance - Bleeping Computer
European Parliament passes non-binding resolution to ban facial recognition - ZDNet
Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs - Security Affairs
Fired IT admin revenge-hacks school by wiping data, changing passwords - Bleeping Computer
Firefox improves advertising tracker blocking in private browsing - Bleeping Computer
Google to turn on 2-factor authentication by default for 150 million users - The Hacker News
Hackers use stealthy ShellClient malware on aerospace, telco firms - Bleeping Computer
Meet ESPecter: a new UEFI bootkit for cyber spying - ZDNet
Microsoft finds Windows 11 issues with SmartByte networking software - Bleeping Computer
Microsoft shares Windows 11 TPM check bypass for unsupported PCs - Bleeping Computer
Multiple Critical Flaws Discovered in Honeywell Experion PKS and ACE Controllers - The Hacker News
NCSC: Revoke Admin Access for BYOD Users Immediately - Information Security
Obstacles and threats organizations face when protecting AD - Help Net Security
One in three IT security managers don’t have a formal cybersecurity incident response plan - Help Net Security
Patch Apache HTTP Servers Now to Avoid Zero Day Exploit - Information Security
Ransom Disclosure Act would give victims 48 hours to report payments - Bleeping Computer
Singapore inks pact with Finland to mutually recognise IoT security labels - ZDNet
The Rise of Machine Identities - Security Boulevard
Twitch source code, business data, gamer payouts leaked in massive hack - ZDNet
Twitch Suffers Massive 125GB Data and Source Code Leak Due to Server Misconfiguration - The Hacker News
US Deputy Attorney General launches cryptocurrency enforcement team at DOJ - ZDNet
U.S. govt to sue contractors who hide breach incidents - Bleeping Computer
Vazamento da Twitch revela ganhos de streamers e planos de rival do Steam - G1
Windows 11 bug reverts users back to the Windows 10 taskbar - Bleeping Computer

05/10
Android October patch fixes three critical bugs, 41 flaws in total - Bleeping Computer
APIs and Security: What’s a Security Officer to Do?
- Security Boulevard
Atom Silo ransomware operators target vulnerable Confluence servers - ZDNet
Closing the Security Gaps at the Edge - Security Boulevard
Dark web marketplace White House announces end to its operations - Security Affairs
Domain security remains an underutilized component to curb attacksy - Help Net Security
English High Court Clarifies Appropriate Causes of Action in Data Claim Where Defendant Was a Victim of Third-Party Cyber-Attack - DataBreaches NET
Facebook Blames Global Outage on Configuration Error - InfoSecurity Magazine
Facebook: Outage caused by faulty routing configuration changes - Bleeping Computer
Five proven techniques for building effective fraud management - Help Net Security
For adapting to new cloud security threats, look to “old” technology - Help Net Security
Google to auto-enroll 150 million user accounts into 2FA - Bleeping Computer
Google Pledges $1m to Secure Open Source Project - InfoSecurity Magazine
How CISOs plan to accelerate the adoption of automation - Help Net Security
Large ransom demands and password-guessing attacks escalate - Help Net Security
McAfee Report: Ransomware Adopts New Tactics and Targets - Security Boulevard
Misconfigured Apache Airflow servers leak thousands of credentials - Security Affairs
Misconfigured, old Airflow instances leak Slack, AWS credentials - ZDNet
New Study Links Seemingly Disparate Malware Attacks to Chinese Hackers - The Hacker News
New UEFI bootkit used to backdoor Windows devices since 2012 - Bleeping Computer
Qualys Unfurls Ransomware Risk Assessment Service - Security Boulevard
Ransomware gang encrypts VMware ESXi servers with Python script - Bleeping Computer
Ransomware Hackers Who Attacked Over 100 Companies Arrested in Ukraine - The Hacker News
Reducing InfoSec Threats Takes a Village - Security Boulevard
Security and trust in software remains top priority for buyers - Help Net Security
Telco service provider giant Syniverse had unauthorized access since 2016 - Security Affairs
Tesuque Casino reopens Tuesday after September cyberattack - DataBreaches NET
Text Message Giant Reveals Five-Year Breach - InfoSecurity Magazine
The cybersecurity issues organizations deal with remain complex and numerous - Help Net Security

04/10
A New APT Hacking Group Targeting Fuel, Energy, and Aviation Industries - The Hacker News
Coinbase Attackers Bypassed Account Authentication - InfoSecurity Magazine
Combating vulnerability fatigue with automated security validation - Help Net Security
Creating Wireless Signals with Ethernet Cable to Steal Data from Air-Gapped Systems - The Hacker News
Cybersecurity budgets for industrial control systems and operational tech increasing: SANS Institute - ZDNet
DEF CON 29 Biohacking Village – Andrea Downing’s ‘No Aggregation Without Representation’ - Security Boulevard
DHS and NIST release post-quantum cryptography guidance - The Record
DNS de WhatsApp, Facebook, Instagram somem da Internet - CISO Advisor
Do you have a plan for your cybersecurity career? Time to skill up! - Help Net Security
Erosion of digital trust: Consumers want more personal information protection - Help Net Security
Ex-Army Technician Gets 12 Years for Role in Fraud Scheme - InfoSecurity Magazine
Facebook goes down, along with Instagram and WhatsApp - ZDNet
Facebook, WhatsApp, and Instagram are down worldwide, it’s panic online - Security Affairs
Facebook, WhatsApp, and Instagram down due to DNS outage - Bleeping Computer
Facebook Whistleblower to Testify Before Senate - InfoSecurity Magazine
Fraudster jailed for stealing US military health records, millions in benefits - ZDNet
How collaboration between IT pros and senior leaders could drive the future of risk mitigation - Help Net Security
Human vs. Artificial Intelligence in Autonomous Systems - Security Boulevard
iOS 15.0.1: Bugfixes galore - ZDNet
LockBit 2.0 ransomware hit Israeli defense firm E.M.I.T. Aviation Consulting - Security Affairs
Misconfigured Apache Airflow servers leak thousands of credentials - Bleeping Computer
New APT ChamelGang Targets energy and aviation companies in Russia - Security Affairs
New Atom Silo ransomware targets vulnerable Confluence servers - Bleeping Computer
New offensive cyber force will "confront aggressive behaviour", says Foreign Secretary - ZDNet
Open source: Google is going to pay developers to make projects more secure - ZDNet
Personal Information of More Than 1.5 Billion Facebook Users Sold on Hacker Forum - Privacy Affairs
Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services - The Hacker News
Pottawatomie County paid the ransom to recover its systems - Security Affairs
Prolific Ransomware Operators Arrested in Joint Law Enforcement Action - InfoSecurity Magazine
RaidForums forced to use mirror after Brazilian govt contacts registrar - Bleeping Computer
Ransomware operators behind hundreds of attacks arrested in Ukraine - Bleeping Computer
Ransomware: Police arrest two in operation against 'prolific' gang that targeted big businesses - ZDNet
Running Robust Managed Detection and Response Services - Security Boulevard
The future role of data, AI and the cloud - Help Net Security
The Shortfalls of Mean Time Metrics in Cybersecurity - The Hacker News
Two ransomware operators were arrested in Kyiv with EUROPOL’s support - Security Affairs
UK plans to invest £5 billion in retaliatory cyber-attacks - Bleeping Computer
UK's National Cyber Force Heads to the Northwest - InfoSecurity Magazine
What Happened to Facebook, Instagram, & WhatsApp? - Krebs on Security

03/10
Are organisations prepared for new cybersecurity risks? - Gulf Business
Barclays Hacked by Cyberthieves Using Monzo Account, PISP - Pymnts
Beware these scams and crimes on the rise in South Africa - Business Tech
Britain braces for 'Tier 1' cyber attack: Ben Wallace says UK is building capability to target 'critical infrastructure' of hostile states to retaliate to hacking - Daily Mail Online
Colonial Pipeline: How Hackers Exploited A Password Policy Problem - Mondaq
CVE-2021-38647 OMIGOD flaw impacts IBM QRadar Azure - Security Affairs
Google removed 136 vulnerable apps, delete immediately if your phone also has - News Track Live
Got this Flubot malware warning on your Android phone? Beware, it's a trap - Mint
Hackers expose 200 law enforcement officers who 'joined anti-government extremist group the Oath Keepers' - Daily Mail Online
How fraudsters can use the forgotten details of your online life to reel you in - The Guardian
How loyalty programmes can safeguard against sophisticated cyberattacks - Gulf Business
Is hacking the next struggle for US agriculture? - The Star
Johnson Memorial Health struck by cyberattack Saturday - IndyStar
Panama is concerned that the new ICIJ ‘Pandora Papers’ leak may harm the country - The Washington Newsday
Portugal: Cyberattacks up during lockdown - The Portugal News
TA544 group behind a spike in Ursnif malware campaigns targeting Italy - Security Affairs
Telegram bots attack one-time passwords - Your Decommissioning News
Thailand cracks down on SMS scams and phishing calls - Pattayamail
Transnational fraud ring stole millions from Army members, veterans - Bleeping Computer