NEWS: Setembro (05/09 - 11/09) - 36 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!!

11/09

Assume breach position does not mean firms get to skip due diligence in cybersecurity - ZDNet

Cisco released security patches for High-Severity flaws in IOS XR software - Security Affairs

Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack - The Hacker News

‘MyRepublic’ Singapore Announced a Customer-Affecting Data Breach Incident - TechNadu

New SOVA Android Banking trojan is rapidly growing - Security Affairs

Oklahoma Man Sentenced to 4 Years in Prison for Laundering Romance Scam Money - TechNadu

Ransomware groups continue assault on healthcare orgs as COVID-19 infections increase - ZDNet

REvil ransomware is back in full attack mode and leaking data - Bleeping Computer

WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud - The Hacker News

10/09

A zero-trust future: Why cybersecurity should be prioritized for the hybrid working world - Help Net Security

Application Security a Growing Priority Among Security Pros - Dark Reading

AZ Ransomware Attack Leads to Unrecoverable EHRs, Data Loss - Health IT Security

Beware! These Google Play Store apps can leak your personal data - Mint

Building a Unified BCDR Strategy to Protect Data - Security Boulevard

Cannabis companies considered ripe targets for ransomware attacks - MJ Biz Daily

Colorado County Clerk Charged with Cybercrime - InfoSecurity Magazine

DDoS Attacks Overwhelming Mitigations Through Short and Sharp Doses - TechNadu

DEF CON 29 Main Stage – Guillaume Fournier’s, Sylvain Afchain’s and Sylvain Baubeau’s ‘eBPF, I Thought We Were Friends!’ - Security Boulevard

DEF CON 29 Main Stage – Yuhao Weng’s, Steven Seeley’s & Zhiniang Peng’s ‘An Attack Surface Tour Of SharePoint Server’ - Security Boulevard

Employee Email Misuse Puts Patient PHI in Jeopardy in CA, Florida - Health IT Security

Evil Corp: A Deep Dive Into One of the World’s Most Notorious Hacker Groups - Make Use Of

Four critical data storage security questions CIOs must ask - Intelligent CIO

Germany probes claims of pre-election MP hacking by Russia - Euractiv

Google debuts new Private Compute features in ramp up of Android security - ZDNet

Hackers are leaking children’s data — and there’s little parents can do - NBC News

Hackers get data trove in U.N. breach - Northwest Arkansas Online

HAProxy urges users to update after HTTP request smuggling vulnerability found - ZDNet

Healthcare orgs in California, Arizona send out breach letters for nearly 150,000 after SSNs accessed during ransomware attacks - ZDNet

Incident Of The Week: Medical data of more than 73,000 patients shared in Singapore breach - Cyber Security Hub

IoT interest is growing, but so are cybersecurity concerns - Help Net Security

IT leaders facing backlash from remote workers over cybersecurity measures: HP study - ZDNet

Justice Department assures South Africa there was no breach of data in cyberattack - EWN

KrebsOnSecurity Hit By Huge New IoT Botnet “Meris” - Security Boulevard

McDonald’s Email Blast Includes Password to Monopoly Game Database - Threatpost

MyRepublic customer data compromised in third-party security breach - ZDNet

National cyber director says hospitals under attack have no choice but to pay ransom - Becker's Health IT

Personal Information of Nearly 80,000 MyRepublic Customers Accessed After Breach - InfoSecurity Magazine

Phishing attempts: Employees can be the first line of defense - Help Net Security

Protecting businesses from ransomware at the edge - Continuity Central

Ransomware: Hot or Not? Here's Attackers' Ideal Target - Bank Info Security

SANSA Responds to Data Leak Incident Saying It’s Nothing Serious - TechNadu

Sensitive Data Exposure: What Do Hackers Want the Most? - iLounge

SOVA, Worryingly Sophisticated Android Trojan, Takes Flight - Threatpost

T-Mobile’s Hack Of 50 Million Users Leaves Black Community At Risk - Forbes

The impact of ransomware on cyber insurance driving the need for broader cybersecurity knowledge - Help Net Security

Ukrainian man extradited to the US to face botnet, data theft charges - ZDNet

UN Data Breach: Expert Commentary on a High-Profile Attack - Solutions Review

US military reservist lands himself prison sentence for operating romance scams - ZDNet

09/09

91% of IT teams have felt 'forced' to trade security for business operations - ZDNet

ANZ New Zealand back online after outage from DDoS attack - ZDNet

Attacker releases credentials for 87,000 FortiGate SSL VPN devices - ZDNet

Avoid Third-Party Breaches with DLP - Security Boulevard

‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise - Threatpost

Berners-Lee Joins ProtonMail Following Privacy Debacle - InfoSecurity Magazine

BlackMatter Ransomware Attacks Threaten Healthcare, HC3 Says - Health IT Security

Breach Clarity Data Breach Report: Week of Sept. 6 - Security Boulevard

Business Associate Ransomware Attack Impacts 115K in CA - Health IT Security

Cloud computing: Microsoft fixes Azure container flaw that could have leaked data - ZDNet

Compliance failures caused by lack of embedded controls into employee processes - Help Net Security

Department of Justice victim of latest security breach - Bollyinside

Fighting the Rogue Toaster Army: Why Secure Coding in Embedded Systems is Our Defensive Edge - The Hacker News

GitHub tackles severe vulnerabilities in Node.js packages - ZDNet

Groove ransomware gang is a motley crew of disgruntled hackers, researchers say - Cyberscoop

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices - The Hacker News

Hackers Steal Data from United Nations - Info Security Magazine

Howard University’s Devastating Ransomware Attack Can Teach Other Colleges a Valuable Lesson - Slate

Infamous criminal ransomware group REvil is back - IT Brief

Manufacturers face a significant cybersecurity risk from ransomware - The Manufacture

Microsoft Warns Azure Customers of Flaw That Could Have Led to Data Breach - News18

New Mēris botnet breaks DDoS record with 21.8 million RPS attack - Bleeping Computer

Organizations struggling to develop cloud applications that meet security requirements - Help Net Security

Protecting your company from fourth-party risk - Help Net Security

Ransomware Attack Disrupts Online, Hybrid Classes at Howard University - Campus Technology

Ransomware attack wipes out Arizona clinic's EHR, corrupts 35,000 patients' records - Becker's Health IT

Ransomware Attacks Preparation And Off-line READ-ONLY Storage Saves The Day - is Buzz News

Ransomware attacks up by 518% in the last year - Today's Conveyancer

Researchers Add More Pieces to the ‘EGoManiac’ Turkish Actor Puzzle - TechNadu

Russian Ransomware Group REvil Back Online After 2-Month Hiatus - The Hacker News

SANSA breach: International hacker group claims responsibility for Space Agency leak - News Chant South Africa

SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’ - Threatpost

Sophos Releases Phishing Insights 2021 Report - Solution Review

Texas Now Publicly Posting Names Of Companies That Lose Personal Data In Cyberattack - CBS DFW

The role of automation in staying on top of the evolving threat landscape - Help Net Security

Virginia National Guard confirms cyberattack hit Virginia Defense Force email accounts - ZDNet

When a scammer calls: 3 strategies to protect customers from call spoofing - Help Net Security

Yandex is battling the largest DDoS in Russian Internet history - Bleeping Computer

Zoho ManageEngine Password Manager Zero-Day Gets a Fix, Amid Attacks - Threatpost

08/09

3 Ways to Secure SAP SuccessFactors and Stay Compliant - The Hacker News

A Widely Deployed Mitsubishi Industrial Controller Is Vulnerable to Remote Exploitation - TechNadu

Attackers are exploiting zero-day RCE flaw to target Windows users (CVE-2021-40444) - Help Net Security

BladeHawk attackers spy on Kurds with fake Android apps - ZDNet

Crypto exchanges and their customers must protect themselves as attacks continue - Help Net Security

Data Breach Lawsuit Against Sonic Will Proceed - InfoSecurity Magazine

Experts Uncover Mobile Spyware Attacks Targeting Kurdish Ethnic Group - The Hacker News

Facebook believes accountability and investment signals it is taking privacy seriously - ZDNet

Germany protests to Russia over attacks ahead of the upcoming election - Security Affairs

Groove gang leaks list of 500k credentials of compromised Fortinet appliances - Security Affairs

Hackers leak passwords for 500,000 Fortinet VPN accounts - Bleeping Computer

HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack - The Hacker News

How do I select a container security solution for my business? - Help Net Security

Howard University shuts down network after ransomware attack - Bleeping Computer

Indian Taxpayers Targeted by Fake App Distributed by Phishing Actors- TechNadu

Microsoft Releases Mitigations and Workarounds for Office Zero-Day RCE Flaw- TechNadu

Microsoft warns of a zero-day in Internet Explorer that is actively exploited - Security Affairs

New Zealand Suffering From a Wave of Massive DDoS Attacks Again - TechNadu

Of course we were prepared for the pandemic, say modest, honest IT pros - ZDNet

Operation Chimaera: TeamTNT hacking group strikes thousands of victims worldwide - ZDNet

Pro-Chinese government propaganda campaign spurs on COVID-19 protests in the US - ZDNet

Ransomware attacks: The power of adaptation - Help Net Security

Ransomware: Take these three steps to protect yourself from attacks and make it easier to recover - ZDNet

Report: The State of Password Security in the Enterprise - Help Net Security

Researchers pinpoint ransomware gangs’ ideal enterprise victims - Help Net Security

Russia Planning to Introduce Facial Recognition in Schools by 2022 - TechNadu

Russian communications watchdog Roskomnadzor blocks access to 6 VPNs - Security Affairs

The Guide for Speeding Time to Response for Lean IT Security Teams - The Hacker News

Top tips for preventing SQL injection attacks - Help Net Security

Zoho patches actively exploited critical ADSelfService Plus bug - Bleeping Computer

07/09

39% of all internet traffic is from bad bots - Help Net Security

Alexa, OK Google, Siri—Sued for Spying - Security Boulevard

Audit effectiveness and talent retention at risk as hybrid auditing becomes the new norm - Help Net Security

Credit unions demand assurances from Central Bank after data leak blunder - Independent

Cyber-Attack on Washington DC University - InfoSecurity Magazine

Cybersecurity Student Scams Senior Out of $55K - InfoSecurity Magazine

DEF CON 29 Main Stage – Adam Zabrocki’s & Alex Matrosov’s ‘Glitching RISC-V Chips: MTVEC Corruption For Hardening ISA’ - Security Boulevard

DEF CON 29 Main Stage – Agent X’s ‘A Look Inside Security At The New York Times’ - Security Boulevard

Elon Musk's top-secret 'full self-driving' AI car software leaked to hackers - Daily Star

Germany Accuses Russia of Election Meddling Through Cyber-Attacks - InfoSecurity Magazine

Hacker claims to have stolen information of 7 million Israelis - The Jerusalem Post

Home security: ADT vs Ring - ZDNet

Howard University announces ransomware attack, shuts down classes on Tuesday - ZDNet

ICO Requests International Support to Tackle Cookie Pop-Ups - InfoSecurity Magazine

ID Theft Couple on the Run - InfoSecurity Magazine

Jenkins project's Confluence server hacked to mine Monero - Bleeping Computer

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server - The Hacker News

McDonald's leaks password for Monopoly VIP database to winners - Bleeping Computer

Microsoft shares temp fix for ongoing Office 365 zero-day attacks - Bleeping Computer

Pakistani Software Firm ‘We Code Solutions’ Linked With Underground Spam Operations - TechNadu

Personal Details of 8,700 French Visa Applicants Exposed by Cyber-Attack - InfoSecurity Magazine

ProtonMail CEO says services must comply with laws unless based 15 miles offshore - ZDNet

ProtonMail logged IP address of French activist after foreign request approved by Swiss authorities - Security Affairs

Ragnar Locker gang threatens to leak data if victim contacts law enforcement - Security Affairs

Ransomware attack under investigation at Howard U, online classes canceled Sept 8 - 7News

Ransomware gang threatens to leak data if victim contacts FBI, police - Bleeping Computer

REvil ransomware group resurfaces after brief hiatus - ZDNet

REvil ransomware's servers mysteriously come back online - Bleeping Computer

Safe connectivity tips for domestic violence victims - ZDNet

Securing Networks in a Perimeterless World - Security Boulevard

Securing your WordPress website against ransomware attacks - Help Net Security

Traditional SIEM platforms no longer meet the needs of security practitioners - Help Net Security

You can use your home security system to prevent teens from sneaking out, but should you? - ZDNet

06/09

3 ways to protect yourself from cyberattacks in the midst of an IT security skill shortage - Help Net Security

Apple slams the brakes on plans to scan user images for child abuse content - ZDNet

Consumers satisfied with mobile security, yet account privacy and protection concerns remain - Help Net Security

Climate Activist Arrested After ProtonMail Was Forced to Give Away User’s IP Address - TechNadu

Critical Auth Bypass Bug Affect NETGEAR Smart Switches — Patch and PoC Released - The Hacker News

Cybersecurity is tough work, so beware of burnout - ZDNet

Enterprises are missing the warning signs of insider threats - Help Net Security

Enterprising criminals are selling direct access to cloud accounts - Help Net Security

FBI IC3 warns of a spike in sextortion attacks - Security Affairs

Healthcare cybersecurity under attack: How the pandemic affected rural hospitals - Help Net Security

HSE Ransomware Actors’ Infrastructure Disrupted by Irish Authorities - TechNadu

Malware found pre-installed in cheap push-button mobile phones sold in Russia - Security Affairs

Massive Pack Containing Details of 39 Million French Is for Sale on the Darkweb - TechNadu

Netgear addresses severe security flaws in 20 of its products - Security Affairs

Netgear fixes severe security bugs in over a dozen smart switches - Bleeping Computer

New Chainsaw tool helps IR teams analyze Windows event logs - Bleeping Computer

Popular Voice Assistant Companion Apps Are a Hazard for User Privacy - TechNadu

ProtonMail Logs Activist's IP Address With Authorities After Swiss Court Order - The Hacker News

Ransomware attacks increased by 288% in H1 2021 - Help Net Security

Ransomware gangs target companies using these criteria - Bleeping Computer

The healthcare cybersecurity market to grow steadily by 2026 - Help Net Security

This is the perfect ransomware victim, according to cybercriminals - ZDNet

This NPM package with millions of weekly downloads has fixed a remote code execution flaw - ZDNet

Traffic Exchange Networks Distributing Malware Disguised as Cracked Software - The Hacker News

TrickBot gang developer arrested at the Seoul international airport - Security Affairs

TrickBot gang developer arrested when trying to leave Korea - Bleeping Computer

Zero trust and cybersecurity: Here's what it means and why it matters - ZDNet

WhatsApp Flaw Casts Doubt on End-to-End Encryption - Security Boulevard

05/09

4 Ransomware Trends That Companies Should Be Aware Of - Albawaba

Sophos: 70% of IT staff reported a rise in phishing emails throughout 2020 - Venture Beat

Back-to-School internet safety - OA Online

Conti ransomware gang is targeting unpatched Microsoft Exchange servers - Silicon Angle

Dark Web vs. Deep Web: What's the Difference? - Make Use Of

EDR Reaches Wide Adoption Paving Way for XDR, SASE - SDX Central

Garda National Cyber Crime Bureau seizes websites used in ransomware attacks - Donegal Live

Google's TensorFlow drops YAML support due to code execution flaw - Bleeping Computer

Irony at its peak, Marketo gang claims to have bids on stolen data of an IT service company, Fujitsu - The Digital Hacker

Lock down your Microsoft 365 account and keep hackers out in 5 easy steps - CNet

Mass. Lawmakers Set To Examine Cybersecurity After Recent Attacks - Wbur

One in three Indians stores confidential info digitally: Survey Read more - Deccan Herald

Scamdemic Britain: how we’re being conned out of billions - Mail Online

Source code of extortion trojan “Babuk Locker” leaked - Market Research Telecast

The big reason the spam in your inbox is about to get a lot more convincing - Kim Komando

‘This is a scam!’ National Insurance warning as Britons told 'number will be cancelled' - Express

UC Refuses To Disclose Information Regarding Accellion Data Hack - Daily Nexus

Welsh Government Broke Data Protection Laws at Least 300 Times Since 2019: Report - Tech Times

Windows 11 Alpha: New Scam Deceives Users With Word Document - Somag News

NEWS: Agosto/Setembro (29/08 - 04/09) - 35 Semana de 2021