NEWS: Outubro (10/10 - 16/10) - 41 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!!

16/10

$590m in ransomware payments reported to US in 2021 as attacks surge - Arab News

An AdBlocker Was Caught Ironically Injecting Ads Into The Browsers Of Other Users - Digital Information World

Data leak at the 3D printing platform Thingiverse - Market Research Telecast

Google sending warning to users of possible phishing, malware attack - Deccan Herald

Maine water systems are under threat from cyber threat risks, feds warn - Fox23

Man Scams Amazon Textbook Rental Service for $1.5 Million - TechNadu

Minecraft declared the most malware-infected game - HackRead

Missouri to Prosecute ‘Hacker’ Who Informed State About Data Leak - TechNadu

Ransomware gangs targeted 3 different US water treatment plants this year in previously unreported attacks, according to federal agencies - Yahoo! News

Ransomware paralyzes the administration of Schwerin and the neighboring district - Market Research Telecast

Researchers Find Multiple Vulnerabilities in WP Fastest Cache Plugin - TechNadu

Smishing: BSI warns of new scams in SMS phishing - Market Research Telecast

State-sponsored attackers infiltrate Play Store with fake VPN app - Techradar Pro

Top 10 hackers behind $5.2 billion worth ransomware attacks in Bitcoin - Ians Live

US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments - Security Affairs

Your First 90 Days as CISO – 9 Steps to Success - CISO Mag

15/10

3D printing site Thingiverse suffers major user data breach - Techradar Pro

7-Eleven Breached Customer Privacy Collecting Images of People’s Faces - TechNadu

A timeline of the biggest ransomware attacks - CNet

Accenture discloses data breach after LockBit ransomware attack - Security Affairs

Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages - The Hacker News

Allianz report highlights growing threat of ‘ransomware pandemic’ - Reinsurance News

Almost all ransomware targets Windows devices - Techradar Pro

Amazon textbook rental service scammed for $1.5m - The Register

Android data sharing remains significant, no opt-out available to users - Help Net Security

Attackers Behind Trickbot Expanding Malware Distribution Channels - The Hacker News

Bracing for the Data Security ‘Bang’ - Security Boulevard

Brazilian insurance giant Porto Seguro hit by cyberattack - ZDNet

CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems - The Hacker News

Code Execution Vulnerabilities Discovered in Nitro Pro PDF Reader - TechNadu

Cybersecurity risks could disrupt businesses on their return to the workplace - Wales247

DocuSign phishing campaign targets low-ranking employees - Report Door

Education sector suffers series of cyber attacks in 2021 - Open Access Government

Google Issues Customers 50,000+ Warnings of State-Backed Attacks - InfoSecurity Magazine

How to Protect Yourself from Phishing Attacks - The Hans India

Human hacking increased as apps and browsers moved completely to the cloud - Help Net Security

Macquarie Health making 'good progress' in recovery from Windows ransomware attack - ITWire

Microsoft Azure Attack Illustrates Ongoing DDoS Threats - eSecurity Planet

Most damaging cybercrime services are cheap on the dark web, study finds - The Hindu

New tech to the rescue in cyber security crisis - ITWeb

Policy automation to eliminate configuration errors - Help Net Security

Ransomware: The Global Cybersecurity Pandemic - Cybereason

Ransomware rises as a national security threat as bigger targets fall - CNet

Ransomware suspects nabbed in intl. probe involving S. Korea - The Korea Herald

Russian cybercrime gang targets finance firms with stealthy macros - Bleeping Computer

Staggering growth of cybercrime and how data science helps improve online security - HackRead

Suspects of Ransomware Attacks on Korean Entities Apprehended in Ukraine - KBS World

The Australian government is making reporting ransomware attacks mandatory - Startup Daily

Top 8 best practices to keep your cloud applications secure - Back End News

Top Seven Obligations Concerning Employee Data Privacy - Forbes

Twitch says no passwords or login credentials leaked in massive breach - ZDNet

US government discloses more ransomware attacks on water plants - Bleeping Computer

White House ransomware summit calls for virtual asset crackdown, without mentioning cryptocurrency - The Register

14/10

Acer confirms breach of after-sales service systems in India - Bleeping Computer

Acer confirms second cyberattack in 2021 after ransomware incident in March - ZDNet

Acer suffered the second security breach in a few months - Security Affairs

Add a new dimension to ransomware defenses - Help Net Security

Apple Says iPhone Users are Stupid - Security Boulevard

Australia Unveils Ransomware Action Plan to Combat Cyberattacks - CISO Mag

CryptoRom Scam Rakes in $1.4M by Exploiting Apple Enterprise Features - Threatpost

EU Proposals Could Unmask Domain Name Registrants - InfoSecurity Magazine

Everyday cybersecurity practices inadequate among many online consumers - Help Net Security

Experts Warn of Unprotected Prometheus Endpoints Exposing Sensitive Information - The Hacker News

Financial Regulator Warns of Hybrid Working Security Risks - InfoSecurity Magazine

Fintech developers dissatisfied with their current roles, a major risk for their employers - Help Net Security

For the first time, an Israeli hospital was hit by a major ransomware attack - Security Affairs

Hotéis Meliá atacados por ransomware na Espanha - CISO Advisor

How to fix iPhone boot loop and iPhone black screen by yourself - HackRead

HP Wolf report highlights widespread exploitation of MSHTML, typosquatting and malware families hosted on Discord - ZDnet

Informed of a data leak in July, Brazilian integrator platform continued to expose more than 1.75 billion files - Data Breaches net

Malicious Chrome ad blocker injects ads behind the scenes - Bleeping Computer

Met Police Loses 2280 Electronic Devices in Last Two Years - InfoSecurity Magazine

Microsoft’s Failure to Prioritize Security Puts Everyone at Risk - Security Boulevard

New Yanluowang ransomware used in highly targeted attacks on large orgs - Security Affairs

New Yanluowang ransomware used in targeted enterprise attacks - Bleeping Computer

New "Yanluowang" Ransomware Variant Discovered - InfoSecurity Magazine

OpenSea NFT Marketplace Bug Allows Hackers to Steal Crypto Wallets - CISO Mag

Organizations losing business due to connected product security concerns - Help Net Security

Phishing Campaign Stole Coinbase Users One-Time Passwords - TechNadu

Storage systems vulnerabilities: Act now to avoid disasters - Help Net Security

The Ultimate SaaS Security Posture Management (SSPM) Checklist - The Hacker News

The White House is having a big meeting about fighting ransomware. It didn't invite Russia - ZDnet

This is how Formula 1 teams fight off cyberattacks - ZDnet

This new ransomware encrypts your data and makes some nasty threats, too - ZDnet

ThreatMapper: Open source platform for scanning runtime environments - Help Net Security

Top 10 GitHub Actions You Should Use to set up your CI/CD Pipeline - Security Boulevard

Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack - Threatpost

VirusTotal Releases Ransomware Report Based on Analysis of 80 Million Samples - The Hacker News

Williamsville School employees’ private health data inadvertently leaked by Independent Health - Data Breaches net

Windows security: 20 years on from Bill Gates' Trustworthy Computing memo, how much has changed? - ZDnet

13/10

1 in 15 organizations runs actively exploited version of SolarWinds: Report - ZDNet

30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware - Threatpost

Analyzing the Twitch Hack and a Potential Security Hole Around IRC - InfoSecurity Magazine

Apple silently fixes iOS zero-day, asks bug reporter to keep quiet - Bleeping Computer

Australia to tackle ransomware data breaches by deleting stolen files - Bleeping Computer

Backups against ransomware - Professional Security Magazine Online

Biden Left Russia Out of Ransomware Meet. Can’t Imagine Why - Daily Beast

Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers - Threatpost

Bugs allowing malicious NFT uploads uncovered in OpenSea marketplace - ZDNet

Combatting supply chain ransomware: it’s time for superhuman cyber security - Information Age

Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets - The Hacker News

Customers On Alert as E-Commerce Player Leaks 1.7+ Billion Records - InfoSecurity Magazine

Cybersecurity shortcomings exposed by the pandemic - Help Net Security

Ex-camera biz Olympus investigating 'suspicious' network activity again a month after ransomware hit - The Register

How Coinbase Phishers Steal One-Time Passwords - Krebs On Security

IFA warns advice firms to be 'on alert' after phishing attack - Professional Adviser

Is the government’s response to cybersecurity threats enough for your organization? - Help Net Security

Israeli hospital hit with ransomware attack - The Times of Israel

Lancaster media group LNP attacked by ransomware - York Dispatch

List of IT assets an attacker is most likely to target for exploitation - Help Net Security

Microsoft Patches Multiple Zero-Day Bugs - InfoSecurity Magazine

Mumbai cyber cell’s email hacked, infected file sent to other units - The Times of India

Nearly 100% of Organisations Suffered a Cloud Data Breach in Past 18 Months - Telemedia Online

New Australian ransomware plan allows for seizure of crypto - Coin Telegraph

OpenSea NFT platform bugs let hackers steal crypto wallets - Bleeping Computer

Password-Stealing Attacks Surge 45% in Six Months - InfoSecurity Magazine

Phishing campaign uses math symbol to imitate Verizon logo - ITPro

Phishing scams target your email and steal money from your bank account – here’s how to avoid hackers - The Sun

Ransomware and patient safety: The dangers facing hospitals and how they can adapt - Becker's Health IT

Russia excluded from virtual White House meeting on ransomware - The Hill

Seasonal Attacks: The Cybersecurity Implications of Children Returning to School - InfoSecurity Magazine

Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds - IBM Security Intelligence

Ultimatum for Booter Service Users - InfoSecurity Magazine

University of Sunderland Hit by Suspected Cyber-Attack - InfoSecurity Magazine

Verizon digital carrier Visible customer accounts were hacked - Bleeping Computer

What Is the True Cost of a Health Care Data Breach? - IBM Security Intelligence

White House is hosting a global ransomware summit -- without Russia - CNet

White House Unveils 32 Countries Invited to Participate in Ransomware Meeting - Next Gov

12/10

2021 nastiest malware: Here to stay and ever evolving - Help Net Security

Apache OpenOffice users should upgrade to newest security release! - Help Net Security

Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug - Threatpost

AWS ransomware attacks: Not a question of if, but when - Help Net Security

Chinese hackers use Windows zero-day to attack defense, IT firms - Bleeping Computer

Columbus Regional Health (CRH) on alert after online attacks hit nearby hospitals - The Republic

Cyberattack shuts down Ecuador's largest bank, Banco Pichincha - Bleeping Computer

Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice - The Hacker News

Dutch police send warning letters to DDoS booter customers - Bleeping Computer

Euro Police Disrupt $17m Fake Investment Scheme - InfoSecurity Magazine

FBI stings monero chasing couple for selling secrets of nuke powered subs - Cryptopolitan

GitHub Revoked Insecure SSH Keys Generated by a Popular git Client - The Hacker News

FIN12 Ransomware Group Specializes in Healthcare Cyberattacks - Health IT Security

FreakOut botnet now attacks vulnerable video DVR devices - Bleeping Computer

Google creates cybersecurity team to help respond to attacks - Axios

How to maximize your security budget while demonstrating ROI - Help Net Security

Justice department recovering after IT services ‘hacked’ - IOL

Macquarie Health says Windows Hive ransomware attack still having an effect - ITWire

Microsoft: Azure customer hit by record DDoS attack in August - Bleeping Computer

Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers - The Hacker News

Microsoft mitigated a record 2.4 Tbps DDoS attack in August - Security Affairs

NHS and data breach threat - Professional Security Magazine Online

NSA warns of wildcard certificate risks, provides mitigations - Bleeping Computer

Olympus confirms US cyberattack, weeks after BlackMatter ransomware hit EMEA systems - Tech Crunch

Olympus suffers second cyberattack in 2021 - ZDNet

Olympus US systems hit by cyberattack over the weekend - Bleeping Computer

Over 90% of Firms Suffered Supply Chain Breaches Last Year - InfoSecurity Magazine

Photo editor Android app STILL sitting on Google Play store is malware - Bleeping Computer

Private hospital group Macquarie Health takes system offline following cyber incident - Healthcare IT News

Ransomware attack on Quest’s ReproSource impacts data of 350K patients - SC Media

SaaS adoption growing, but so are security concerns - Help Net Security

Schools Prove Easy Targets For Hackers - InfoSecurity Magazine

The UK Parliament's expenses watchdog accidentally leaked the names and home addresses of an MP's staffers - Insider

Ukraine Police Cuff Botnet Herder Who Controlled 100K Machines - InfoSecurity Magazine

University of Sunderland continues to experience 'extensive disruption' after suspected cyber attack - Sunderland Echo

11/10

Apple Releases Urgent iPhone and iPad Updates to Patch New Zero-Day Vulnerability - The Hacker News

Couple Arrested Over Sale of Nuclear Secrets - InfoSecurity Magazine

DEX management maturity key to succeed in the future remote work - Help Net Security

Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks - Bleeping Computer

FBI arrests engineer for selling nuclear warship data hidden in peanut butter sandwich - ZDNet

FontOnLake malware strikes Linux systems in targeted attacks - ZDNet

GitHub revokes duplicate SSH auth keys linked to library bug - Bleeping Computer

Huawei Cloud targeted by updated cryptomining malware - Bleeping Computer

Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo - The Hacker News

IT leaders confident in their organization’s network security, IT managers have doubts - Help Net Security

LibreOffice, OpenOffice bug allows hackers to spoof signed docs - Bleeping Computer

Microsoft Defender for Identity to detect Windows Bronze Bit attacks - Bleeping Computer

Microsoft: Iran-linked hackers target US defense tech companies - Bleeping Computer

Microsoft Warns of Iran-Linked Hackers Targeting US and Israeli Defense Firms - The Hacker News

Nuclear engineer's espionage plans unraveled by undercover FBI agents - Bleeping Computer

Pacific City Bank discloses ransomware attack claimed by AvosLocker - Bleeping Computer

Quest-owned fertility clinic announces data breach after August ransomware attack - ZDNet

Ransomware: Even when the attackers are in your network, it's not too late to fight back - ZDNet

Ransomware is the biggest cyber threat to business. But most firms still aren't ready for it - ZDNet

Ransomware: Relationship breakdowns have never been so satisfying - Help Net Security

Remote work exposing SMEs to increased cybersecurity risk - Help Net Security

REvil/Sodinokibi accounting for 73% of ransomware detections in Q2 2021 - Help Net Security

Strengthening firmware security with hardware RoT - Help Net Security

Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices - The Hacker News

Ukrainian police arrest DDoS operator controlling 100,000 bots - Bleeping Computer

US Imprisons Man Who Exploited Children Via Social Media - InfoSecurity Magazine

Verify End-Users at the Helpdesk to Prevent Social Engineering Cyber Attack - The Hacker News

ZTE widens bug bounty to focus on 5G security - ZDNet

10/10

Amnesty International links cybersecurity firm to spyware operation - Bleeping Computer

Australia: Government may try forcing Facebook to identify anonymous users - The New Daily

Biden administration ramps up efforts to secure American infrastructure from Russian and Chinese cyberattacks - CNN Politics

Bradford woman's concern over apparent Test and Trace data breach - Telegraph & Argus

Clickbait danger; seniors at risk - Jamaica OBServer

Data Breach Numbers, Costs and Impacts All Rise in 2021 - Government Technology

Email Safety Tips and Best Practices for Internet Users ! - News Ghana

FIN12 Ransomware Group is Actively Targeting Healthcare Institutions - TechDator

FontOnLake malware infects Linux systems via trojanized utilities - Bleeping Computer

Google to give 10K free security keys to 'high risk' individuals - Times Now News

Microsoft Says Russia Behind Over 50% Of State-Sponsored Cyber Hacks - India Times

Ransomware is so rife it’s a threat to national security - The Bull

South Africa: Ransomware attack crisis over, says justice department - Times Live

South Korea: Callers impersonate government officials in 8 out of 10 phone scams - The Korea Herald

Tech giants expand Australian misinformation measures week after government criticism - ZDNet

Tesco, Morrisons and Asda customers are being warned about about new email scam – here’s how to spot it - Gedling Eye

Verizon Phishing Scam Targets Customers Through a Text Message | Beware of This Bogus Phone Number - Tech Times

What Is Ransomware as a Service? - Make Us Of

NEWS: Setembro (03/10 - 09/10) - 40 Semana de 2021