Notícias de Dezembro de 2020
18/12/2020
2020 broke cybersecurity records, here’s what’s to come in the new year - Help Net Security
2021 technology trends that business continuity managers need to be aware of - Continuity Central
5 essential steps needed to set up a secure e-commerce website - HackRead
5 reasons IT should consider client virtualization - Help Net Security
Analysis: The Impact of SolarWinds Hack - Data Breach Today
ASPI warns Canberra about security risk with current data centre procurement approach - ZD Net
Assurances sought Moray ambulance staff hit by data breach are receiving support - The Press and Journal
Biggest Healthcare Security Threats, Ransomware Trends into 2021 - Health IT Security
Bouncy Castle Bug Puts Bcrypt Passwords at Risk - InfoSecurity
Business email compromise (BEC) makes up 12% of the spear-phishing; reports Barracuda Networks - CXO Today
Cloud ITSM market size to grow to $12.2 billion by 2025 - Help Net Security
Decade-Long Data Silo to Address Google-Fitbit Privacy Concerns - InfoSecurity
DOJ Seizes $4 Million in Assets Tied to Phantom Secure - Data Breach Today
Enterprise phishing scams on the rise: Don’t overlook user error - Business Matters
Expedited shifts to hybrid infrastructure and remote work challenges - Help Net Security
Fake mobile version of Cyberpunk 2077 spreads ransomware - Security Affairs
FBI Warns of DoppelPaymer Ransomware Attack Surge - Bank info Security
GMIT data breach shows ugly reality behind screen of aspirational inclusivity - Irish Examiner
Google Extends Support Period for Android Devices - Security Week
Hotels.com, Expedia Sued Over Data Breach - Law Street
How to bring clarity to your critical communications strategy in 2021 - Continuity Central
IIROC schedules industry business continuity planning test - Continuity Central
Imagining a professional life without passwords - Help Net Security
Massive Cyberattack On US Government Exposes Shortcomings, Russia Named Top Suspect - E Hacking News
Microsoft and 40+ Customers Hit in Russian Espionage Attack - InfoSecurity
Microsoft says it identified 40+ victims of the SolarWinds hack - ZD Net
Microsoft was also a victim of the SolarWinds supply chain hack - Help Net Security
Mobile Security Threat to US Mobile Phones from China - CyberSecurity Insiders
MountLocker Ransomware Service Gaining Steam with Affiliates - MSSP Alert
People's Energy data breach affects all 270,000 customers - IT Pro
People’s Energy Data Breach Impacts 270,000 Customers - Silicon Co UK
Putin: the US State Department and the US intelligence agencies come up with fake about Russian hackers - E Hacking News
Ransomware’s Next Nasty Surprise: Pay Up Or We’ll Brick Your PC’s UEFI Firmware - Forbes
Service NSW not effectively handling private information: NSW Auditor-General - ZD Net
The Pros and Cons of Open-Source Tools - THWack
The US ‘National Nuclear Security Administration’ Is Among the Hacked Agencies - TechNadu
United States: Ransomware As Reminder: Back To Basics Of Cyber Readiness - Mondaq
UK Energy Firm Suffers Data Breach Impacting Entire Customer Database - InfoSecurity
What does the future of infosecurity entail? - Security Brief
17/12/2020
5 ways to lock down your Microsoft 365 account and keep hackers out - CNet
A first-hand account of ransomware: To pay or not to pay - Security Magazine
A new approach to scanning social media helps combat misinformation - Help Net Security
ACCC sues Facebook over user data breach - The Market Herald
Americans Don’t Trust the US Government — Especially with Their Data - CPO Magazine
Analysis of 5G Network Security Reveals Attack Possibilities - InfoSecurity
Attackers can exploit vulnerabilities in new 5G networks to steal subscriber data and impersonate users - Security Magazine
BEC Hits Double Digits as COVID-19 Scams Abound - InfoSecurity
Cost savings and security are key drivers of MSP adoption - Help Net Security
Digging the recently leaked Chinese Communist Party database - Security Affairs
Dutch Hacker Who Allegedly Broke into Trump’s Twitter Account Walks Free - Hot fir Security
Energy firm customers urgently warned data has been breached in hack - Birminghan Live
Enterprises Increase Security Spending but not Efficacy - Security Boulevard
“Evil mobile emulator farms” used to steal millions from US and EU banks - ARS Technica
Experts Urge Users to Ignore Facebook Christmas Bonus Scam - InfoSecurity
FBI, CISA officially confirm US govt hacks after SolarWinds breach - Bleeping Computer
Financial Services Industry Under Attack from a Surge in Credential Stuffing - InfoSecurity
FireEye, GoDaddy, and Microsoft created a kill switch for SolarWinds backdoor - Security Affairs
Get the attacker’s view on your cyber defence - Belfast Telegraph
Global account fraud decreased 23% in 2020 - Security Magazine
Google and Qualcomm Can Now Promise Four Android OS Version Upgrades - TechNadu
Hackney cyber attack causes property buyers’ deals to fall through - IT Governance
How employees view and manage company security - Help Net Security
How to Manage Shadow IT for the Benefit of Business and Employees - InfoSecurity
How to Use Password Length to Set Best Password Expiration Policy - The Hacker News
IBM launches experimental homomorphic data encryption environment for the enterprise - ZD Net
Identity Verification: Protecting Customer Data Across Borders - Security Boulevard
Investigation launched as medical details of patients found lying in street - Eastern Daily Press
Launched OSSISNa, the Observatory for the Protection of the National Strategic Industrial System -Security Affairs
Let’s backup for a second - Why cloud needs better protection - Racounter
Malicious Browser Extensions | Avast - Security Boulevard
Malicious Chrome and Edge Extensions Affect Millions of Users - InfoSecurity
Migration delays prevent AD-centric zero trust security framework adoption - Help Net Security
Mitigating Healthcare Ransomware Attacks - InfoSecurity
Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia - We Live Security
People's Energy data breach affects all 270,000 customers - BBC News
Phobos launches Orbital, a tool for finding attack pathways and entry points into your network - ZD Net
Phone scammers were able to get 270% more personal information in 2020 than in 2019 - TechRepublic
Ransomware 2.0 uses ‘pressure tactic’ to prey on organizations’ digital reputation in APAC - Back End News
Ransomware and Cyber-Extortion Payments Double in 2020 - InfoSecurity
'SocGholish' Attack Framework Powers Surge in Drive-By Attacks - Dark Reading
Software Supply-Chain Attack Hits Vietnam Government Certification Authority - The Hacker News
Stress levels are rising, but that doesn’t have to mean more security incidents - Help Net Security
The evolution of cybersecurity accessibility - Tech Engage
These Three Trends Will Shape Security And IT Challenges In 2021 - Forbes
This ‘off the shelf’ Tor backdoor malware is now a firm favorite with ransomware operators - ZD Net
Three million users installed 28 malicious Chrome or Edge extensions - ZD Net
Visual Notes : SolarWinds Supply Chain compromise using SUNBURST backdoor (detected by FireEye) - Security Boulevard
Zero-trust is the new Safe - Inquirer Net
Windows backdoor SystemBC being used by RaaS affiliates - ITWire
When zombie malware leads to big-money ransomware attacks - Naked Security by Sophos
16/12/2020
35% of organizations believe the NIS Directive expectations are unclear - Help Net Security
45 million medical images left exposed online - Help Net Security
Accelerated cloud migration may leave business data insecure - Help Net Security
Apple now shows you all the ways iOS apps track you - ZD Net
DEFCON 201 Online Meet Up — December 2020 — XmasCon - DEFCON 201
Double extortion raising the stakes for ransomware victims - teiss
Emulated mobile devices used to steal millions from US, EU banks - Bleeping Computer
EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants - Security Affairs
Facebook to move all UK users onto US agreements - BBC News
FICO launches cryptocurrency trade risk solution for banks - ZD Net
FireEye, Microsoft create kill switch for SolarWinds backdoor - Bleeping Computer
German Government Backs Bill Requiring 5G Security Pledge - Security Week
Google quietly buys company that turns your old Windows 7 PC into Chrome OS machine - ZD Net
HPE discloses critical zero-day in server management software - Bleeping Computer
How Spin-a-wheel scam is ‘phishing’ for users - The Hindu Business Line
How to avoid getting caught in ransomware's crosshairs - betanews
Is it Time to Rethink Cybersecurity Training? - InfoSecurity
Malicious Chrome, Edge extensions with 3M installs still in stores - Bleeping Computer
Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ - Krebs on Security
Malicious RubyGems packages used in cryptocurrency supply chain attack - Bleeping Computer
Microsoft Authenticator brings password autofill to mobile devices - Bleeping Computer
Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack - Security Affairs
Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow - ZD Net
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird - Cybersecurity & Infrastructure Security Agency
New 5G Network Flaws Let Attackers Track Users' Locations and Steal Data - The Hacker News
New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor - The Hacker News
New Account Fraud Surges 28% in the UK as Global Rates Drop - InfoSecurity
New Goontact spyware discovered targeting Android and iOS users - ZD Net
New spyware used by sextortionists to blackmail iOS and Android users exposed by Lookout - Security Magazine
Prioritize Cybersecurity to Protect Your Business Before It Is Too Late - Entrepreneur
PyMICROPSIA Windows malware includes checks for Linux and macOS - Security Affairs
RAM-Generated Wi-Fi Signals Allow Data Exfiltration From Air-Gapped Systems - Security Week
Ransomware Attackers Using SystemBC Malware With RAT and Tor Proxy - The Hacker News
Ransomware gangs automate payload delivery with SystemBC malware - Bleeping Computer
Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor - Sophos
Recent Spear-Phishing Attacks Originate From Legit Accounts - Bank Info Security
Researchers develop tool that automates device programming in the IoT - Help Net Security
Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor - Threatpost
Security automation: Time for a new playbook - Help Net Security
Service NSW data breach affected 80,000 fewer people than first thought - The Sydney Morning Herald
Sextortion campaign uses Goontact spyware to target Android and iOS users - Security Affairs
Singapore adds face verification, multi-user SMS to SingPass 2FA - ZD Net
SolarWinds: Why the Sunburst hack is so serious - BBC News
SolarWinds said no other products were compromised in recent hack - ZD Net
The SolarWinds and US government breach is not a marketing opportunity - ZD Net
Thousands of D-Link VPN Routers Vulnerable to Device Takeover Attacks - Toolbox
Total Published CVEs Hits Record High for Fourth Year - InfoSecurity
Trump's Twitter account was hacked, Dutch ministry confirms - The Guardian
UK proposes new powers for comms regulator to legally unleash avenging hordes on security-breached telcos - Cyber Report
Watchdog criticises finance co-op Desjardins over data breach - The News COOP
What is Geocoding? — How to Find Coordinates of An Address - The Hacker News
15/12/2020
2021 will be a cybercrime bruiser - IT-Online
42% of security leaders said the pandemic has changed their cybersecurity priorities - Help Net Security
7 online scams you need to be aware of this Christmas - House Beautiful
Academics turn RAM into Wi-Fi cards to steal data from air-gapped systems - ZD Net
Apple addressed multiple code execution flaws in iOS and iPadOS - Security Affairs
ASD leaves TikTok ban decisions in departmental hands - ZD Net
Beware: New malwares target users in UAE, region for espionage - Khaleej Times
California Hospital Notifies 67k Patients of Data Breach - InfoSecurity
Countries that retaliate too much against cyberattacks make things worse for themselves - Help Net Security
DHS, CISA and NCSC Issue Warnings After SolarWinds Attack - InfoSecurity
DVLA issues urgent scam warning to drivers - Lancashire Telegraph
Facebook to move UK users to California terms, avoiding EU privacy rules - Reuters
Fitzsimmons claims trust is always factored into government-built tech systems - ZD Net
Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices - Security Affairs
Frauds galore in the name of ‘Work From Home’ - Telangana Today
Global Internet of Things (IoT) Security Technology Market 2020 Growth Analysis – Cisco, Trend micro, IBM, Intel, Gemalto, Infineon, HP Enterprise Company - Wall Street Call
Government Threatens Tech Firms with Fines of 10% of Turnover - InfoSecurity
Hackers Steal $8.2M Worth of NXM Tokens from Nexus Mutual CEO’s - Inside Bitcoins
High-risk vulnerabilities discovery increased 65% in 2020 - Help Net Security
Hospitals are leaving millions of sensitive medical images exposed online - ZD Net
How understanding cognitive science can strengthen cybersecurity's weak links - Tech Republic
Ireland's hospitals at risk of deadly cyber-attacks, leading security expert warns - Irish Examiner
IRS warns of scam texts claiming to send fake stimulus check - Fox32 Chicago
Magic Home Pro Mobile Application Authentication Bypass (CVE-2020-27199) - Trustwave
Major Norway cruise line Hurtigruten hit by 'comprehensive' ransomware cyberattack - USA Today
Millions of Medical Imaging Files Freely Accessible on Unprotected Servers - InfoSecurity
More than half of organizations don’t have an insider risk response plan - Help Net Security
Nearly 18,000 SolarWinds Customers Installed Backdoored Software - The Hacker News
Over 4,000 privacy complaints made about Aussie telcos in FY20 - ZD Net
Over 45 million medical images exposed by healthcare organisations - Verdict
Ransomware outed as cause of State Transit Authority outage - ITNews
Resident Evil 8 Story And Ending Leaked By Ransomware Attackers - Republic World
Russian hackers broke into the systems of the United States Department of the Treasury and Department of Commerce - E Hacking News
Secure enclave protection for AI and ML -Help Net Security
SoReL-20M Sophos & ReversingLabs release 10 million disarmed samples for malware study - Security Affairs
The Binary Security story: A cybersecurity startup run out of Darwin - ZD Net
Twitter fined ~$550K over a data breach in Ireland’s first major GDPR decision - Tech Crunch
Twitter Fined Half A Million Dollars For Late Data Breach Reporting - Mashable india
14/12/2020
10 common types of malware and how to combat the threat - DataQuest
18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack - Dark Reading
Agências dos EUA são atacadas pelo mesmo grupo que invadiu a FireEye - The Hack
Apple introduces privacy information for apps across all of its stores - ZD Net
Assessing the New Normal for Cybersecurity - Security Boulevard
Australian travel agency criticized over coding event that exposed sensitive user data to external software developers - The Daily Swig
Attackers hit US Treasury through Microsoft Office 365; SolarWinds opens door to others - ITWire
Clop Ransomware Encrypts E-Land Retail Computers After Stealing 2 Million Credit Card Details Using POS Malware - CPO Magazine
Confidence in print security drops and data breach costs rise - Computer Weekly
Counterfeit Covid-19 Vaccines are Being Offered on the Dark Web - Digit
Covid-19 ‘Vaccines’ Touted for Just $250 on Darknet - Express Computer
Cybersecurity experts hail new IoT law - Tech Republic
Cybersecurity firm warns vs ‘Ransomware 2.0’, ‘pressure tactics’ - Inquirer NET
Data Leak Exposes Details of Two Million Chinese Communist Party Members - InfoSecurity
Desjardins had 'series of gaps' in system, leading to massive data breach - Yahoo! Finance
Details for 1.9M members of Chinese Communist Party Members leaked - Security Affairs
DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report - ThreatPost
Global Espionage Campaign Used Software Supply Chain Hack To Compromise Targets, Including US Gov - Security Week
Gmail 'hacked': Google users warned of massive data breach after global outage - Express CO UK
Former Cisco Engineer Gets Two Years for $2.4M WebEx Attack - InfoSecurity
Frost & Sullivan Names Menlo Security a Growth and Innovation Leader in the APAC Web Security Market - Security Boulevard
Google’s Data Security: How Google Protects your Data from Cyber Threats? - E Hacking News
Google down: Gmail, Docs, YouTube users hit by outage - ZD Net
Google outage affecting YouTube, Gmail and more - Bleeping Computer
Google, YouTube, Gmail service suffered major outage worldwide - HackRead
Hackers breached U.S. government agencies via compromised SolarWinds Orion software - Help Net Security
Hackers line up for bumper payday ahead of record breaking Black Friday - IT Pro Portal
Hacking group’s new malware abuses Google and Facebook services - Bleeping Computer
How COVID-19 has impacted the security threat landscape - Help Net Security
How scammers target PayPal users and how you can stay safe - We Live Security
How to make DevSecOps stick with developers - Help Net Security
How to Protect and Keep Your Digital Wallets Safe - HackRead
How to recover from ransomware when prevention fails - CRN
Indiana Supreme Court deciding whether ransomware attacks are covered by insurance - 95.3 MNC
Is it Time for the Network to Shoulder More of the Burden of Information Security? - InfoSecurity
Latest cyber security worry—covid vaccines 'on sale' - The Week
Microsoft, FireEye confirm SolarWinds supply chain attack - ZD Net
Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails - ThreatPost
Microsoft removes update block for Windows 10 NVMe SSD devices - Bleeping Computer
MoleRats using Facebook, Dropbox, Google Docs to spread malware - HackRead
MountLocker ransomware now working through criminal affiliates - IT Pro
Mozilla shares fix for Netflix, Hulu errors on Apple Silicon Macs - Bleeping Computer
Norway’s Hurtigruten Hit By Major IT Hack - Life In Norway
Pornhub Removes All Unverified Content - InfoSecurity
Remote and cloud-based systems to be ruthlessly targeted next year - Help Net Security
Russian Hackers Steal Data for Months in Global Supply Chain Attacks - InfoSecurity
S.734 - Internet of Things Cybersecurity Improvement Act of 2019 - USA Congress GOV
SBI sounds alert for bank account holders over fake messages, phishing | Check details. - Zee Business
SEC filings: SolarWinds says 18,000 customers were impacted by recent hack - ZD Net
Serviços do Google passam por instabilidades nesta segunda-feira - Olhar Digital
Spotify Changes Passwords After Another Data Breach - ThreatPost
Sunburst: Supply Chain Attack Targets SolarWinds Users - Symantec Enterprise Blog
Suspected Russian Hackers Broke Into the U.S. Treasury - TechNadu
The new Wondershare PDFelement with added features - HackRead
Third-party online assets a growing security risk for retailers - Help Net Security
Three signs your SOC is ready for XDR - Help Net Security
Top US Federal Agencies Hacked by Russian Hackers – Report - HackRead
US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software - Security Affairs
U.S. Data Breach Affects Commerce, Treasury Departments - 9 and 10 News
US orders emergency actions after federal agencies confirm security breach - Industry Leaders
What’s at stake in the Computer Fraud and Abuse Act (CFAA) - Help Net Security
Windows 10 to get a built-in command-line disk space analyzer - Bleeping Computer
Your personal data could be for sale online for a lot less than you'd think - Tech Radar Pro
13/12/2020 - Domingo
'£1m fraud attempt stopped by Herts County Council staff' - Borehamwood & Elstree Times
Covid-related scams, misinformation and ransomware are on the rise: Report - The Hindu Business Line
Cyber‐attacks set to become more targeted in 2021, according to HP Inc. - PCI (Philippine Canadian Inquier)
Cybersecurity threats in 2021-The Manila Times
David Bruce: AHN donor information exposed in ransomware attack - GoErie
Facebook tracks 'OceanLotus' hackers to IT firm in Vietnam - Gadgets Now
Google reveals the most searched terms of 2020 - you'll probably guess a few… - Techradar Pro
Hacked Subway UK marketing system used in TrickBot phishing campaign - Security Affairs
Hackers selling 85,000 MySQL databases on dark web - Daiji World
Here's a Quick Guide to Safeguarding Credentials - E Hacking News
How to Set Up a VPN on Raspberry Pi in 2021 – Linux-Powered Privacy on Any Raspberry Device! - TechNadu
India, Australia report the highest number of targeted ransomware incidents in Asia-Pacific - The Indu Business Line