NEWS: Outubro (10/10 - 16/10) - 41 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!!

16/10
$590m in ransomware payments reported to US in 2021 as attacks surge - Arab News
An AdBlocker Was Caught Ironically Injecting Ads Into The Browsers Of Other Users - Digital Information World
Data leak at the 3D printing platform Thingiverse - Market Research Telecast
Google sending warning to users of possible phishing, malware attack - Deccan Herald
Maine water systems are under threat from cyber threat risks, feds warn - Fox23
Man Scams Amazon Textbook Rental Service for $1.5 Million - TechNadu
Minecraft declared the most malware-infected game - HackRead
Missouri to Prosecute ‘Hacker’ Who Informed State About Data Leak - TechNadu
Ransomware paralyzes the administration of Schwerin and the neighboring district - Market Research Telecast
Researchers Find Multiple Vulnerabilities in WP Fastest Cache Plugin - TechNadu
Smishing: BSI warns of new scams in SMS phishing - Market Research Telecast
State-sponsored attackers infiltrate Play Store with fake VPN app - Techradar Pro
Top 10 hackers behind $5.2 billion worth ransomware attacks in Bitcoin - Ians Live
US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments - Security Affairs
Your First 90 Days as CISO – 9 Steps to Success - CISO Mag

15/10
3D printing site Thingiverse suffers major user data breach - Techradar Pro
7-Eleven Breached Customer Privacy Collecting Images of People’s Faces - TechNadu
A timeline of the biggest ransomware attacks - CNet
Accenture discloses data breach after LockBit ransomware attack - Security Affairs
Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages - The Hacker News
Allianz report highlights growing threat of ‘ransomware pandemic’ - Reinsurance News
Almost all ransomware targets Windows devices - Techradar Pro
Amazon textbook rental service scammed for $1.5m - The Register
Android data sharing remains significant, no opt-out available to users - Help Net Security
Attackers Behind Trickbot Expanding Malware Distribution Channels - The Hacker News
Bracing for the Data Security ‘Bang’ - Security Boulevard
Brazilian insurance giant Porto Seguro hit by cyberattack - ZDNet
CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems - The Hacker News
Code Execution Vulnerabilities Discovered in Nitro Pro PDF Reader - TechNadu
Cybersecurity risks could disrupt businesses on their return to the workplace - Wales247
DocuSign phishing campaign targets low-ranking employees - Report Door
Education sector suffers series of cyber attacks in 2021 - Open Access Government
Google Issues Customers 50,000+ Warnings of State-Backed Attacks - InfoSecurity Magazine
How to Protect Yourself from Phishing Attacks - The Hans India
Human hacking increased as apps and browsers moved completely to the cloud - Help Net Security
Macquarie Health making 'good progress' in recovery from Windows ransomware attack - ITWire
Microsoft Azure Attack Illustrates Ongoing DDoS Threats - eSecurity Planet
Most damaging cybercrime services are cheap on the dark web, study finds - The Hindu
New tech to the rescue in cyber security crisis - ITWeb
Policy automation to eliminate configuration errors - Help Net Security
Ransomware: The Global Cybersecurity Pandemic - Cybereason
Ransomware rises as a national security threat as bigger targets fall - CNet
Ransomware suspects nabbed in intl. probe involving S. Korea - The Korea Herald
Russian cybercrime gang targets finance firms with stealthy macros - Bleeping Computer
Staggering growth of cybercrime and how data science helps improve online security - HackRead
Suspects of Ransomware Attacks on Korean Entities Apprehended in Ukraine - KBS World
The Australian government is making reporting ransomware attacks mandatory - Startup Daily
Top 8 best practices to keep your cloud applications secure - Back End News
Top Seven Obligations Concerning Employee Data Privacy - Forbes
Twitch says no passwords or login credentials leaked in massive breach - ZDNet
US government discloses more ransomware attacks on water plants - Bleeping Computer
White House ransomware summit calls for virtual asset crackdown, without mentioning cryptocurrency - The Register

14/10
Acer confirms breach of after-sales service systems in India - Bleeping Computer
Acer confirms second cyberattack in 2021 after ransomware incident in March - ZDNet
Acer suffered the second security breach in a few months - Security Affairs
Add a new dimension to ransomware defenses - Help Net Security
Apple Says iPhone Users are Stupid - Security Boulevard
Australia Unveils Ransomware Action Plan to Combat Cyberattacks - CISO Mag
CryptoRom Scam Rakes in $1.4M by Exploiting Apple Enterprise Features - Threatpost
EU Proposals Could Unmask Domain Name Registrants - InfoSecurity Magazine
Everyday cybersecurity practices inadequate among many online consumers - Help Net Security
Experts Warn of Unprotected Prometheus Endpoints Exposing Sensitive Information - The Hacker News
Financial Regulator Warns of Hybrid Working Security Risks - InfoSecurity Magazine
Fintech developers dissatisfied with their current roles, a major risk for their employers - Help Net Security
For the first time, an Israeli hospital was hit by a major ransomware attack - Security Affairs
Hotéis Meliá atacados por ransomware na Espanha - CISO Advisor
How to fix iPhone boot loop and iPhone black screen by yourself - HackRead
Informed of a data leak in July, Brazilian integrator platform continued to expose more than 1.75 billion files - Data Breaches net
Malicious Chrome ad blocker injects ads behind the scenes - Bleeping Computer
Met Police Loses 2280 Electronic Devices in Last Two Years - InfoSecurity Magazine
Microsoft’s Failure to Prioritize Security Puts Everyone at Risk - Security Boulevard
New Yanluowang ransomware used in highly targeted attacks on large orgs - Security Affairs
New Yanluowang ransomware used in targeted enterprise attacks - Bleeping Computer
New "Yanluowang" Ransomware Variant Discovered - InfoSecurity Magazine
OpenSea NFT Marketplace Bug Allows Hackers to Steal Crypto Wallets - CISO Mag
Organizations losing business due to connected product security concerns - Help Net Security
Phishing Campaign Stole Coinbase Users One-Time Passwords - TechNadu
Storage systems vulnerabilities: Act now to avoid disasters - Help Net Security
The Ultimate SaaS Security Posture Management (SSPM) Checklist - The Hacker News
The White House is having a big meeting about fighting ransomware. It didn't invite Russia - ZDnet
This is how Formula 1 teams fight off cyberattacks - ZDnet
This new ransomware encrypts your data and makes some nasty threats, too - ZDnet
ThreatMapper: Open source platform for scanning runtime environments - Help Net Security
Top 10 GitHub Actions You Should Use to set up your CI/CD Pipeline - Security Boulevard
Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack - Threatpost
VirusTotal Releases Ransomware Report Based on Analysis of 80 Million Samples - The Hacker News
Williamsville School employees’ private health data inadvertently leaked by Independent Health - Data Breaches net
Windows security: 20 years on from Bill Gates' Trustworthy Computing memo, how much has changed? - ZDnet

13/10
1 in 15 organizations runs actively exploited version of SolarWinds: Report - ZDNet
30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware - Threatpost
Analyzing the Twitch Hack and a Potential Security Hole Around IRC - InfoSecurity Magazine
Apple silently fixes iOS zero-day, asks bug reporter to keep quiet - Bleeping Computer
Australia to tackle ransomware data breaches by deleting stolen files - Bleeping Computer
Backups against ransomware - Professional Security Magazine Online
Biden Left Russia Out of Ransomware Meet. Can’t Imagine Why - Daily Beast
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers - Threatpost
Bugs allowing malicious NFT uploads uncovered in OpenSea marketplace - ZDNet
Combatting supply chain ransomware: it’s time for superhuman cyber security - Information Age
Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets - The Hacker News
Customers On Alert as E-Commerce Player Leaks 1.7+ Billion Records - InfoSecurity Magazine
Cybersecurity shortcomings exposed by the pandemic - Help Net Security
Ex-camera biz Olympus investigating 'suspicious' network activity again a month after ransomware hit - The Register
How Coinbase Phishers Steal One-Time Passwords - Krebs On Security
IFA warns advice firms to be 'on alert' after phishing attack - Professional Adviser
Is the government’s response to cybersecurity threats enough for your organization? - Help Net Security
Israeli hospital hit with ransomware attack - The Times of Israel
Lancaster media group LNP attacked by ransomware - York Dispatch
List of IT assets an attacker is most likely to target for exploitation - Help Net Security
Microsoft Patches Multiple Zero-Day Bugs - InfoSecurity Magazine
Mumbai cyber cell’s email hacked, infected file sent to other units - The Times of India
Nearly 100% of Organisations Suffered a Cloud Data Breach in Past 18 Months - Telemedia Online
New Australian ransomware plan allows for seizure of crypto - Coin Telegraph
OpenSea NFT platform bugs let hackers steal crypto wallets - Bleeping Computer
Password-Stealing Attacks Surge 45% in Six Months - InfoSecurity Magazine
Phishing campaign uses math symbol to imitate Verizon logo - ITPro
Ransomware and patient safety: The dangers facing hospitals and how they can adapt - Becker's Health IT
Russia excluded from virtual White House meeting on ransomware - The Hill
Seasonal Attacks: The Cybersecurity Implications of Children Returning to School - InfoSecurity Magazine
Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds - IBM Security Intelligence
Ultimatum for Booter Service Users - InfoSecurity Magazine
University of Sunderland Hit by Suspected Cyber-Attack - InfoSecurity Magazine
Verizon digital carrier Visible customer accounts were hacked - Bleeping Computer
What Is the True Cost of a Health Care Data Breach? - IBM Security Intelligence
White House is hosting a global ransomware summit -- without Russia - CNet
White House Unveils 32 Countries Invited to Participate in Ransomware Meeting - Next Gov

12/10
2021 nastiest malware: Here to stay and ever evolving - Help Net Security
Apache OpenOffice users should upgrade to newest security release! - Help Net Security
Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug - Threatpost
AWS ransomware attacks: Not a question of if, but when - Help Net Security
Chinese hackers use Windows zero-day to attack defense, IT firms - Bleeping Computer
Columbus Regional Health (CRH) on alert after online attacks hit nearby hospitals - The Republic
Cyberattack shuts down Ecuador's largest bank, Banco Pichincha - Bleeping Computer
Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice - The Hacker News
Dutch police send warning letters to DDoS booter customers - Bleeping Computer
Euro Police Disrupt $17m Fake Investment Scheme - InfoSecurity Magazine
FBI stings monero chasing couple for selling secrets of nuke powered subs - Cryptopolitan
GitHub Revoked Insecure SSH Keys Generated by a Popular git Client - The Hacker News
FIN12 Ransomware Group Specializes in Healthcare Cyberattacks - Health IT Security
FreakOut botnet now attacks vulnerable video DVR devices - Bleeping Computer
Google creates cybersecurity team to help respond to attacks - Axios
How to maximize your security budget while demonstrating ROI - Help Net Security
Justice department recovering after IT services ‘hacked’ - IOL
Macquarie Health says Windows Hive ransomware attack still having an effect - ITWire
Microsoft: Azure customer hit by record DDoS attack in August - Bleeping Computer
Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers - The Hacker News
Microsoft mitigated a record 2.4 Tbps DDoS attack in August - Security Affairs
NHS and data breach threat - Professional Security Magazine Online
NSA warns of wildcard certificate risks, provides mitigations - Bleeping Computer
Olympus confirms US cyberattack, weeks after BlackMatter ransomware hit EMEA systems - Tech Crunch
Olympus suffers second cyberattack in 2021 - ZDNet
Olympus US systems hit by cyberattack over the weekend - Bleeping Computer
Over 90% of Firms Suffered Supply Chain Breaches Last Year - InfoSecurity Magazine
Photo editor Android app STILL sitting on Google Play store is malware - Bleeping Computer
Private hospital group Macquarie Health takes system offline following cyber incident - Healthcare IT News
Ransomware attack on Quest’s ReproSource impacts data of 350K patients - SC Media
SaaS adoption growing, but so are security concerns - Help Net Security
Schools Prove Easy Targets For Hackers - InfoSecurity Magazine
Ukraine Police Cuff Botnet Herder Who Controlled 100K Machines - InfoSecurity Magazine
University of Sunderland continues to experience 'extensive disruption' after suspected cyber attack - Sunderland Echo

11/10
Apple Releases Urgent iPhone and iPad Updates to Patch New Zero-Day Vulnerability - The Hacker News
Couple Arrested Over Sale of Nuclear Secrets - InfoSecurity Magazine
DEX management maturity key to succeed in the future remote work - Help Net Security
Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks - Bleeping Computer
FBI arrests engineer for selling nuclear warship data hidden in peanut butter sandwich - ZDNet
FontOnLake malware strikes Linux systems in targeted attacks - ZDNet
GitHub revokes duplicate SSH auth keys linked to library bug - Bleeping Computer
Huawei Cloud targeted by updated cryptomining malware - Bleeping Computer
Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo - The Hacker News
IT leaders confident in their organization’s network security, IT managers have doubts - Help Net Security
LibreOffice, OpenOffice bug allows hackers to spoof signed docs - Bleeping Computer
Microsoft Defender for Identity to detect Windows Bronze Bit attacks - Bleeping Computer
Microsoft: Iran-linked hackers target US defense tech companies - Bleeping Computer
Microsoft Warns of Iran-Linked Hackers Targeting US and Israeli Defense Firms - The Hacker News
Nuclear engineer's espionage plans unraveled by undercover FBI agents - Bleeping Computer
Pacific City Bank discloses ransomware attack claimed by AvosLocker - Bleeping Computer
Quest-owned fertility clinic announces data breach after August ransomware attack - ZDNet
Ransomware: Even when the attackers are in your network, it's not too late to fight back - ZDNet
Ransomware is the biggest cyber threat to business. But most firms still aren't ready for it - ZDNet
Ransomware: Relationship breakdowns have never been so satisfying - Help Net Security
Remote work exposing SMEs to increased cybersecurity risk - Help Net Security
REvil/Sodinokibi accounting for 73% of ransomware detections in Q2 2021 - Help Net Security
Strengthening firmware security with hardware RoT - Help Net Security
Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices - The Hacker News
Ukrainian police arrest DDoS operator controlling 100,000 bots - Bleeping Computer
US Imprisons Man Who Exploited Children Via Social Media - InfoSecurity Magazine
Verify End-Users at the Helpdesk to Prevent Social Engineering Cyber Attack - The Hacker News
ZTE widens bug bounty to focus on 5G security - ZDNet

10/10
Amnesty International links cybersecurity firm to spyware operation - Bleeping Computer
Australia: Government may try forcing Facebook to identify anonymous users - The New Daily
Biden administration ramps up efforts to secure American infrastructure from Russian and Chinese cyberattacks - CNN Politics
Bradford woman's concern over apparent Test and Trace data breach - Telegraph & Argus
Clickbait danger; seniors at risk - Jamaica OBServer
Data Breach Numbers, Costs and Impacts All Rise in 2021 - Government Technology
Email Safety Tips and Best Practices for Internet Users ! - News Ghana
FIN12 Ransomware Group is Actively Targeting Healthcare Institutions - TechDator
FontOnLake malware infects Linux systems via trojanized utilities - Bleeping Computer
Google to give 10K free security keys to 'high risk' individuals - Times Now News
Microsoft Says Russia Behind Over 50% Of State-Sponsored Cyber Hacks - India Times
Ransomware is so rife it’s a threat to national security - The Bull
South Africa: Ransomware attack crisis over, says justice department - Times Live
South Korea: Callers impersonate government officials in 8 out of 10 phone scams - The Korea Herald
Tech giants expand Australian misinformation measures week after government criticism - ZDNet
Tesco, Morrisons and Asda customers are being warned about about new email scam – here’s how to spot it - Gedling Eye
Verizon Phishing Scam Targets Customers Through a Text Message | Beware of This Bogus Phone Number - Tech Times
What Is Ransomware as a Service? - Make Us Of