NEWS: Setembro (19/09 - 25/09) - 38 Semana de 2021
Cyber Security and Information Security News - Daily Updates !!!
25/09
New iPhone 13? Don't forget to update! - ZDNet
24/09
'Anonymous' Hackers Claim to Hit Website Hosting Firm Popular With Far-Right Groups - InfoSecurity Magazine
Apple's New iCloud Private Relay Service Leaks Users' Real IP Addresses - The Hacker News
Cisco Releases Patches 3 New Critical Flaws Affecting IOS XE Software - The Hacker News
Complex New SMS Malware Discovered - InfoSecurity Magazine
Cyber Threats Result in 60% Increase in Cyber Intelligence Sharing Among Financial Firms - InfoSecurity Magazine
Cybersecurity Vulnerability Could Affect Millions of Hikvision Cameras - InfoSecurity Magazine
Emergency Google Chrome update fixes zero-day exploited in the wild - Bleeping Computer
EU officially blames Russia for 'Ghostwriter' hacking activities - Bleeping Computer
FBI decision to withhold Kaseya ransomware decryption keys stirs debate - ZDNet
Florida Yet to Spend $30M Allocated for Cybersecurity - InfoSecurity Magazine
Google Warns of a New Way Hackers Can Make Malware Undetectable on Windows - The Hacker News
Hackers exploiting critical VMware vCenter CVE-2021-22005 bug - Bleeping Computer
LG to Acquire Cybellum - InfoSecurity Magazine
Microsoft rushes to register Autodiscover domains leaking credentials - Bleeping Computer
Most IT leaders prioritize cloud migration, yet security concerns remain - Help Net Security
Policy and patience key in Biden’s cybersecurity battle - Help Net Security
Researcher drops three iOS zero-days that Apple refused to fix - Bleeping Computer
RTL Nederland paid hackers 8,500 euros after ransomware attack - Teller Report
SonicWall fixes critical bug allowing SMA 100 device takeover - Bleeping Computer
The Benefits and Challenges of Passwordless Authentication - Bleeping Computer
23/09
A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit - The Hacker News
ANZ reports a 73% year-on-year increase in scams for the first eight months of 2021 - ZDNet
Apple fixes another zero-day used to deploy NSO iPhone spyware - Bleeping Computer
Automation is not here to close the cybersecurity skills shortage gap, but it can help - Help Net Security
Colombian Real Estate Agency Leak Exposes Records of Over 100,000 Buyers - The Hacker News
Consumers taking action to protect themselves online, though confidence is low - Help Net Security
DDoS attacks increased 11% in 1H 2021, fueling a global security crisis - Help Net Security
Future of work: Cybersecurity and hybrid working as top two enterprise priorities - Help Net Security
Google tests if 'Chrome/100.0' user agent breaks websites - Bleeping Computer
Hacking group used ProxyLogon exploits to breach hotels worldwide - Bleeping Computer
Malware devs trick Windows validation with malformed certs - Bleeping Computer
Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials - The Hacker News
Nagios XI vulnerabilities open enterprise IT infrastructure to attack - Help Net Security
New advanced hacking group targets governments, engineers worldwide - ZDNet
New Android Malware Targeting US, Canadian Users with COVID-19 Lures - The Hacker News
Protecting IoT devices requires a DNS-based solution - Help Net Security
Ransomware attack levels soaring, now accounting for 69% of all attacks involving malware - Help Net Security
Ransomware attackers targeted this company. Then defenders discovered something curious - ZDNet
REvil ransomware devs added a backdoor to cheat affiliates - Bleeping Computer
SaaS applications investment growing despite underutilization of app licenses by employees - Help Net Security
U.S. Department of the Treasury announces set of actions to counter ransomware - Help Net Security
VoIP company battles massive ransom DDoS attack - ZDNet
Why You Should Consider QEMU Live Patching - The Hacker News
22/09
2 million malicious emails bypassed secure email gateways in 12 months - Help Net Security
A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035) - Help Net Security
Creepy data collection and sharing remain common on popular apps - Help Net Security
DDoS attacks are becoming more prolific and more powerful, warn cybersecurity researchers - ZDNet
Enterprises Need 27 New IT Hires to Manage Security Debt - InfoSecurity Magazine
Execs Need Less Talk, More Action on Software Security - Security Boulevard
Half of Web Owners Don't Know if Their Site Has Been Attacked - InfoSecurity Magazine
How digital transformation impacted CIO and CTO roles - Help Net Security
How do I select a data privacy management solution for my business? - Help Net Security
How to protect the corporate network from spyware - Help Net Security
Leveraging AI and automation to identify sensitive data at scale - Help Net Security
Lithuanian Ministry Bashes Xiaomi and Huawei for Undocumented Functionality - TechNadu
Microsoft Unearths Large-Scale Phishing Operation Involving 300,000 Subdomains - TechNadu
Netgear Releases Fixing Update for a Wide Range of Router Products - TechNadu
New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures - The Hacker News
Plug critical VMvare vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005) - Help Net Security
RCE is back: VMware details file upload vulnerability in vCenter Server - ZDNet
Researchers Discover Remotely Exploitable Flaw that Results in File Exposure on Gurock TestRail - TechNadu
The Future of Industrial Cybersecurity - Security Boulevard
Treasury Sanctions Russian Crypto Exchange - InfoSecurity Magazine
VMware addressed a critical flaw in vCenter Server. Patch it now! - Security Affairs
We cannot afford for healthcare security to be the “lowest-hanging fruit” - Help Net Security
21/09
3-D Secure transactions growth fueled by card-not-present explosion and PSD2 - Help Net Security
77% of execs concerned about security tools gaps in their company - Help Net Security
A zero-day flaw allows to run arbitrary commands on macOS systems - Security Affairs
Apache OpenOffice is currently impacted by a remote code execution flaw - Security Affairs
Black Matter gang demanded a $5.9M ransom to NEW Cooperative - Security Affairs
Breached Alaska Gov Systems Still Down—After 5 MONTHS - Security Boulevard
Challenges CISOs face in a rapidly evolving cybersecurity landscape - Help Net Security
Cybersecurity Priorities in 2021: How Can CISOs Re-Analyze and Shift Focus? - The Hacker News
Data of 106 million visitors to Thailand leaked online - Security Affairs
DEF CON 29 Cloud Village – Batuhan Sancak’s ‘Azure Active Directory Hacking Wars’ - Security Boulevard
Druva Accelerates Ransomware Recovery Using Curated Data - Security Boulevard
European Police Bust €10m Mafia Fraud Ring - InfoSecurity Magazine
Farming Group Warns of Supply Chain Chaos After Ransomware Attack - InfoSecurity Magazine
How to mitigate security vulnerabilities automatically with RASP - Security Boulevard
iOS 15 lets you spy on apps that might be spying on you - ZDNet
Major American Agriculture Cooperative Hit by the ‘BlackMatter’ Ransomware Gang - TechNadu
Malicious Email Surge Predicted for Q4 - InfoSecurity Magazine
Marketron marketing services hit by Blackmatter ransomware - Bleeping Computer
Microsoft Power Apps data exposure: Prioritizing sensitive data with secure configuration settings - Help Net Security
New Capoae Malware Infiltrates WordPress Sites and Installs Backdoored Plugin - The Hacker News
New macOS zero-day bug lets attackers run commands remotely - Bleeping Computer
Office workers unwilling to change their behavior, despite being aware of the cybersecurity challenges - Help Net Security
Organizations prioritize strategic security programs, but lack fundamentals - Help Net Security
Researcher Discovers Major Exposure in the EventBuilder App - TechNadu
Securing the Edge in the Supply Chain - Security Boulevard
Siemens launches AI solution to fight industrial cybercrime - ZDNet
The complexities of vulnerability remediation and proactive patching - Help Net Security
Turla APT group used a new backdoor in attacks against Afghanistan, Germany and the US - Security Affairs
US agricultural co-op hit by ransomware, expects food supply chain disruption - Help Net Security
“Water Basilisk” Campaign Exploiting File Hosting Services to Deliver Multiple RAT Payloads - TechNadu
20/09
A New Wave of Malware Attack Targeting Organizations in South America - The Hacker News
Add Security, Not Headaches, to the SDLC - Security Boulevard
ALTDOS claims to have hacked one of Malaysia’s biggest conglomerates - DataBreaches Net
Banco de Venezuela Still Struggling to Restore Services After Last Week’s Cyberattack - TechNadu
Cloud and online backups increasing in popularity, but tape usage remains - Help Net Security
Europol arrested 106 fraudsters, members of a major crime ring - Security Affairs
Europol Busts Major Crime Ring, Arrests Over 100 Online Fraudsters - The Hacker News
Europol Dismantled Massive Online Fraud Operation With 106 Members - TechNadu
Europol links Italian Mafia to million-dollar phishing scheme - Bleeping Computer
EventBuilder misconfiguration exposed event registrants’ information - DataBreaches Net
EventBuilder misconfiguration exposes Microsoft event registrant data - Bleeping Computer
Facebook rebukes WSJ over investigation on the platform's ability to harm, 'toxic' impact - ZDNet
Former IT Exec Pleads Guilty to Insider Trading Conspiracy - InfoSecurity Magazine
Google Is Going to Reset App Permissions on Older Android Versions Too - TechNadu
Google: This major privacy change is coming to billions of Android devices soon - ZDNet
Hacked sites push TeamViewer using fake expired certificate alert - Bleeping Computer
How to retain the best talent in a competitive cybersecurity market - Help Net Security
iMessage Zero-Click Exploit, Leaked Guntrader Firearms Data, 60 Million Fitness Tracking Records Exposed - Security Boulevard
India’s Antitrust Authority Finds Google Abused Its Market Dominance - TechNadu
NIST SP800-53 Revision 5, One Year Later - Security Boulevard
Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme - Security Affairs
Payment API Vulnerabilities Exposed "Millions" of Users - InfoSecurity Magazine
Perceptions of Insider Risk 2021 - Security Boulevard
Phishing attacks: Police make 106 arrests as they break up online fraud group - ZDNet
Protecting Data From Insider Threats - Security Boulevard
Ransomware Attacks Growing More Sophisticated - Security Boulevard
Ransomware still a primary threat as cybercriminals evolve tactics - Help Net Security
Republican Governors Association email server breached by state hackers - Bleeping Computer
Securing Kubernetes as it becomes mainstream - Help Net Security
Tech pros reporting a positive perception of their roles, looking forward to what lies ahead - Help Net Security
The Demise of Self-Driving Cars as Such - Security Boulevard
Trust, but verify: An in-depth analysis of ExpressVPN's terrible, horrible, no good, very bad week - ZDNet
US Set to Sanction Cryptocurrency Firms Involved in Ransomware - InfoSecurity Magazine
Victoria launches five-year, AU$50 million cyber strategy - ZDNet
Zero trust security solutions widely adopted, spurred by surge in ransomware - Help Net Security
What businesses need to know about data decay - Help Net Security
19/09
8 Job Security Tips That Every Freelancer Should Know - Make Use Of
Cracks in the crypto utopia: How a surge of scams is exposing DeFi’s dark side - Digital Trends
Cybercrime gang backdoors U.S. finance organizations with malware - Digital Journal
Data Security Trends 2021 - Datamation
DDoS Attacks In Healthcare: Just How Dangerous Can They Get? - Tech Times
DEF CON 29 Blockchain Village – Yaz Khoury’s ‘Surviving 51 Percent Attacks’ - Security Boulevard
DEF CON 29 Cloud Village – Magno Logan’s ‘Workshop Kubernetes Security 101 Best Practices’ - Security Boulevard
Exabytes Falls Victim To Ransomware Attack: Causes Disruptions To Certain Services - Lowyat
Financial sector suffers costliest cyberattacks - The Manila Times
Google to Auto-Reset Unused Android App Permissions for Billions of Devices - The Hacker News
How to spot cryptocurrency Bitcoin scams trying to steal your money - Central Recorder
Industrial control systems spyware scripts on rise in UAE - GDN Online
New "Elon Musk Club" crypto giveaway scam promoted via email - Bleeping Computer
Numando: A New Banking Trojan Targeting Latin American Users - The Hacker News
Numando, a new banking Trojan that abuses YouTube for remote configuration - Security Affairs
Ransomware attack on TN Public Department systems - The Siasat Daily
Received a text with a surprising pandemic offer? Don’t click that link! - JC Post
‘Smishing’: the rising threat for business owners that brings scams to smartphones - The Guardian
Telegram Is Reportedly Harboring More Cyber Criminals Ever Since The Attempted WhatsApp Policy Change - Digital Information World
The Digital Pandemic – Ransomware - The State Of Security
The vicious cycle that makes ransomware such a potent threat - TechRadar Pro
Vulnerabilities in Operational Tech Devices Up 46% in H1’21- The Fintech Times
NEWS: Setembro (12/09 - 18/09) - 37 Semana de 2021