NEWS: Setembro (12/09 - 18/09) - 37 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!!

18/09
Exploit for Recently Discovered Azure Flaw Already Added to Mirai Botnet - TechNadu
KASLR can be broken via an AMD CPU driver flaw, exposing passwords - TDH
New DNA-Based Processor Technology Proposed by Researchers - TDH
‘Solana’ Was Overwhelmed by a Sudden Influx of Transactions and Went Offline for Hours - TechNadu
What Does a Digital Forensics Investigator Do in an Investigation? - CISO Mag
17/09
Admin of DDoS service behind 200,000 attacks faces 35yrs in prison - Bleeping Computer
AT&T Phone-Unlocking Malware Ring Costs Carrier $200M - Threatpost
Australians ‘struggle’ up against network security breaches - IT Wire
Bad Apples: How CNA Attacks Put Everyone At Risk - Security Boulevard
CISA: Patch Zoho Bug Being Exploited by APT Groups - InfoSecurity Magazine
Class Action Filed After Hospital Ransomware Attack - Legal Reader
Council secrets for sale on dark web, says Darlington IT firm - The Northern Echo
Crooks hijack bank OTPs to make fraudulent card payments - Finextra
Cyberattacks against the aviation industry linked to Nigerian threat actor - ZDNet
Data and AI professionals prioritize learning new skills amid labor shortage - Help Net Security
Data protection and security: Crucial to business sustainability - New Age Tech
Despite Huge Budgets, Cyber-Rich Banks Are Not Paying It Forward In Cybersecurity - Forbes
Experts Concerned Over New Digital Secretary's Lack of Cyber Knowledge - InfoSecurity Magazine
Five pharma cybersecurity breaches to know and learn from - Pharmaceutical Technology
Free REvil Decryptor Launched - InfoSecurity Magazine
Germans See Russian Meddling in Tight Election Intensifying - Bloomberg
How insurers can approach cybersecurity risk - Digital Insurance
How surveillance capitalism will totally transform the domain name system - ZDNet
How to fix printers asking for admins creds after PrintNightmare patch - Bleeping Computer
Key Differences Between PHI and PII, How They Impact HIPAA Compliance - Health IT Security
Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years - The Hacker News
Mankato Clinic notifies patients of health data breach - KEYC News
Modern security strategies key to support remote workforce demands - Help Net Security
Microsoft asks Azure Linux admins to manually patch OMIGOD bugs - Bleeping Computer
No business is too small to be a target of cyberattacks - New Haven Register
NSW to trial geolocation and facial recognition app for home-based quarantine - ZDNet
Open source cyberattacks increasing by 650%, popular projects more vulnerable - Help Net Security
Over 500,000 Records Belonging to Offrea.be Were Leaked Online - TechNadu
Ransomware Attack Encrypts South Africa’s Department of Justice, System Still Being Restored - Gadgets 360
Romance Scammers Make $133m in First Half of 2021 - InfoSecurity Magazine
The digital identity imperative - Help Net Security
This banking Trojan abuses YouTube to manage remote settings - ZDNet
Trend Micro blocks 41bn threats in 1H 2021 - Gadget
US govt sites showing porn, viagra ads share a common software vendor - Bleeping Computer
Zero-day attacks are putting the squeeze on Apple, Google, and Windows devices - Tech HQ

16/09
7 tips for building a strong security culture - Tech Target
15% of the Nasdaq 100 Is Highly Susceptible to a Ransomware Attack, New Black Kite Research Finds - Dark Reading
61M Fitbit, Apple Users Had Data Exposed in Wearable Device Data Breach - Health IT Security
87% of Indian cos victims of security breach last year: Report - The Siasat Daily
Airline Credential-Theft Takes Off in Widening Campaign - Threatpost
APT-C-23 Using New Android Spyware in the Middle East - TechNadu
Attacks reach record highs in 2021 - IT Online
Bitdefender offers free decryptor for REvil ransomware victims - Tech Republic
Bot attack volumes growing 41% year over year, human-initiated attacks down 29% - Help Net Security
Chinook School Division student information exposed during accidental data breach - Prairie Post
Data breach in networks of Indonesian ministries and agencies - Telecom
Dutch education administrators underestimate threat of cyber crime - Computer Weekly
Fake TeamViewer download ads distributing new ZLoader variant - HackRead
Ford Faces Class Action Lawsuit for Storing and Sharing Private Conversations - TechNadu
FTC says it will fine digital health companies that don't disclose data breaches - Mobi Health News
Hackers steal Covid test data of 1.4 million people from Paris hospital system - Modern Ghana
Household Names Hit with £500K Fine for Spamming Consumers - InfiSecurity Magazine
HP Omen Hub Exposes Millions of Gamers to Cyberattack - Threatpost
Making the Cybersecurity Grade: How Schools Can Protect Data and IT Resources - Ed Tech
Microsoft announces passwordless authentication option for consumers - Help Net Security
MSHTML Zero Day Exploits Used Shared Infrastructure With Ransomware Group - Decipher
New Go malware Capoae targets WordPress installs, Linux systems - ZDNet
One-in-seven Nasdaq-100 companies ranked as highly susceptible to a ransomware attack - IT Pro
Phishing thru your QR or Qrishing: that is how this rip-off works that the Police in Spain warn about - News Trace
Puma has also been added to the victim list of Marketo Gang - TDH
Ransomware attackers targeted app developers with malicious Office docs, says Microsoft - ZDNet
Ransomware-as-a-service pandemic must be interrupted, says Cambridge cybersecurity specialist Darktrace - Cambridge Independent
REvil Ransomware Victims Get A Reprieve As Master Decryption Key Is Released - Forbes
T-Mobile US presses to consolidate class action suits - Mobile World Live
The 8 Most Notorious Malware Attacks of All Time - Make Use Of
The Massachusetts Attorney General conducts probe in the T-Mobile data breach - TDH
There Is No Evidence Russia-based Ransomware Is Slowing Down - My Tech Decisions
Tourist warning- Popular holiday scam 'exploiting' travellers is on the rise - Express
United Nations Data Breach: Hackers Obtained Employee Login From Dark Web, Are Executing Ongoing Attacks on UN Agencies - CPO Magazine

15/09
3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company - The Hacker News
46% of all on-prem databases are vulnerable to attack, breaches expected to grow - Help Net Security
An Anonymous ‘Kik Messenger’ User Was Identified and Arrested for Child Exploitation - TechNadu
Cybercriminals recreate Cobalt Strike in Linux - ZDNet
DOJ fines NSA hackers who assisted UAE in attacks on dissidents - ZDNet
Execs concerned about software supply chain security, but not taking action - Help Net Security
Google Chromebook bug causes black screens after login - Bleeping Computer
Meris botnet assaults KrebsOnSecurity - ZDNet
Microsoft fixes remaining Windows PrintNightmare vulnerabilities - Bleeping Computer
Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug - Bleeping Computer
Millions of HP OMEN gaming PCs impacted by driver vulnerability - Bleeping Computer
Most Fortune 500 companies’ external IT infrastructure considered at risk - Help Net Security
Multiple Flaws in Microsoft Azure Put Half of All Deployments at Risk - TechNadu
New Zloader attacks disable Windows Defender to evade detection - Bleeping Computer
OMIGOD: Azure users running Linux VMs need to update now - ZDNet
Ransomware preparedness is low despite executives’ concerns - Help Net Security
Rare bright cyber spot: ACSC reports total incidents down 28% - ZDNet
This Month’s ‘Patch Tuesday’ Plugs Dozens of Security Holes in Windows - TechNadu
Three formers NSA employees fined for providing hacker-for-hire services to UAE firm - Security Affairs
Two-thirds of cloud attacks could be stopped by checking configurations, research finds - ZDNet
US CISA appointed Kiersten Todt as new chief of staff - Security Affairs
U.S. Operatives Responsible for “KARMA” Deployment in the U.A.E. Offered Costly Resolution - TechNadu

14/09
Apple fixes iOS zero-day used to deploy NSO iPhone spyware - Bleeping Computer
Apple Fixes Pegasus-Exploited Zero-Day Through iOS 14.8 and macOS 11.6 - TechNadu
Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860) - Help Net Security
ExpressVPN sells to Kape Technologies for $936 million - ZDNet
Fitness Tracking Platform Exposed 61 Million User Records - TechNadu
Google addresses a new Chrome zero-day flaw actively exploited in the wild - Security Affairs
Google patches 10th Chrome zero-day exploited in the wild this year - Bleeping Computer
Google patches two Chrome zero-days - ZDNet
Healthcare cybersecurity: How to prevent the compromise of patient records? - Help Net Security
How to evaluate the security risk of your databases - Help Net Security
IT teams forced into compromising security for business continuity during pandemic - Help Net Security
Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more! - Help Net Security
Mēris Bot infects MikroTik routers compromised in 2018 - Security Affairs
Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability - The Hacker News
Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw - Security Affairs
Networking issues enterprises must address to improve business and operational efficiency - Help Net Security
OSI Layer 1: The soft underbelly of cybersecurity - Help Net Security
REvil: Ransomware gang active again in a new line-up - Market Research Telecast
Singapore, India to link national payment systems for cross-border transfers - ZDNet
Three ways to keep your organization safe from cyberattacks - Help Net Security
Vermilion Strike, a Linux implementation of Cobalt Strike Beacon used in attacks - Security Affairs
Whitepaper: Cobalt Strike – a toolkit for pentesters - Help Net Security

13/09
5 ways to better prepare your organization for a ransomware attack - TechRepublic
5 ways to improve cyber resilience against ransomware, supply chain attacks - GCN
A Third of Industrial Control Systems Attacked in H1 2021 - InfoSecurity Magazine
Apple releases update fixing NSO spyware vulnerability affecting Macs, iPhones, iPads and Watches - ZDNet
Beware of these 5 common scams you can encounter on Instagram - We Live Security (eset)
BlackMatter ransomware gang hit Technology giant Olympus - Security Affairs
BlackMatter ransomware hits medical technology giant Olympus - Bleeping Computer
Camera giant Olympus hit by ransomware attack - TechRadar Pro
Class action targets Georgia health system over ransomware attack that exposed 1.4 million patients' info - Becker's Health IT
Costly DNS Attacks on the Rise - Security Boulevard
Department of Justice and Constitutional Development of South Africa hit by a ransomware attack - Security Affairs
Elevated Cyber-risk as Companies Choose Speed Over Security - InfoSecurity Magazine
Enterprise automation adoption surging, security and compliance area jump by 171% - Help Net Security
FTC warns of extortionists targeting LGBTQ+ community on dating apps - Bleeping Computer
Hackers leak California hospital patients' data online after ransomware attack - Becker's Health IT
Hackers Leak Schoolkids’ Data—ID Theft of Minors Ensues - Security Boulevard
Hacker-made Linux Cobalt Strike beacon used in ongoing attacks - Bleeping Computer
How Likely Is Your Employee To Cause A Data Breach? - Forbes
IoT device attacks double in the first half of 2021, and remote work may shoulder some of the blame - TechRepublic
‘MskHost’ Taken Down by Hacktivists Who Will Now Pass Stolen Clientele to the Police - TechNadu
Mobile app creation: Why data privacy and compliance should be at the forefront - Help Net Security
Network security market growth driven by remote work popularity and security needs - Help Net Security
New SpookJS Attack Bypasses Google Chrome's Site Isolation Protection - The Hacker News
Olympus Admitted the ‘BlackMatter’ Ransomware Gang Got Them - TechNadu
Only 30% of enterprises use cloud services with E2E encryption for external file sharing - Help Net Security
OWASP Working Group Releases Draft of Top 10 Web Application Risks for 2021 - Security Boulevard
Phishing attacks vs employees skyrocketed during the pandemic - Back End News
REvil is back - and wants to rebuild its reputation - TechRadar Pro
SEC Probe into Russian Hacking of SolarWinds has corporate America worried - Technowize
Security Experts Witnessed a 55,239% Increase in Ransomware Activity in Q2 - PR Newswire
Singapore moots 'foreign interference' law with powers to issue online platforms take-down order - ZDNet
The new maxtrilha trojan is being disseminated and targeting several banks - Security Affairs
The Rise of Developer-First Security Tooling - Security Boulevard
The Three Pillars of Unified Risk Management for Product Security - InfoSecurity Magazine
The top cyber security risks of 2022 - Charity Digital
Third-party cloud providers: Expanding the attack surface - Help Net Security
Top 5 Enterprise Security Threats and How To Avoid Them - CPO Magazine
UAE: Moorfields Eye Hospital in Dubai sees more staff and patient data dumped - Data Breaches Net
UK Man Gets Five Years for Online Abuse Campaign - InfoSecurity Magazine
WhatsApp details plans to offer encrypted backups - ZDNet
WhatsApp to Roll Out Encrypted Backups - InfoSecurity Magazine

12/09
Crypto Miners in Africa at Risk from Cyber Criminals with East Africa the Largest Target Market in 2021 - BitcoinKE
Cyber in the boardroom - Professional Security Magazine Online
Experts concerned over emergence of new Android banking trojan S.O.V.A. - HackRead
Google implements new Private Compute Services for Android - Security Affairs
How to Avoid Paying Ransoms - SDXCentral
How to shut down a phishing operation in 48 hours - TechRadar Pro
How to Talk to Stakeholders About Cybersecurity - Security Boulevard
New cybersecurity report from HP reveals 91% of IT teams feel pressure to compromise security - Zawya
‘Please Provide Your Credit Card and Code’: New Israeli Facebook Scam Is a Lesson in Online Fraud - Haaretz
Pysa Ransomware Gang Targets Linux - Bank Info Security
Qatar: Communications Regulatory Authority (CRA) raises awareness against online fraud, hacking - The Peninsula
Revil ransomware operators are targeting new victims - Security Affairs
Scamming activity intensifies ahead of world famous auto racing event - MenaFN
SME breach response - Professional Security Magazine Online
State of Cybersecurity: We Can Do More to Protect Our Supply Chain and Critical Infrastructure - Homeland Security
Windows MSHTML zero-day exploits shared on hacking forums - Bleeping Computer