Notícias de Dezembro de 2020


18/12/2020


2020 broke cybersecurity records, here’s what’s to come in the new year - Help Net Security


2021 technology trends that business continuity managers need to be aware of - Continuity Central


5 essential steps needed to set up a secure e-commerce website - HackRead


5 reasons IT should consider client virtualization - Help Net Security


Analysis: The Impact of SolarWinds Hack - Data Breach Today


ASPI warns Canberra about security risk with current data centre procurement approach - ZD Net


Assurances sought Moray ambulance staff hit by data breach are receiving support - The Press and Journal


Biggest Healthcare Security Threats, Ransomware Trends into 2021 - Health IT Security


Bouncy Castle Bug Puts Bcrypt Passwords at Risk - InfoSecurity


Business email compromise (BEC) makes up 12% of the spear-phishing; reports Barracuda Networks - CXO Today


Cloud ITSM market size to grow to $12.2 billion by 2025 - Help Net Security


Decade-Long Data Silo to Address Google-Fitbit Privacy Concerns - InfoSecurity


DOJ Seizes $4 Million in Assets Tied to Phantom Secure - Data Breach Today


Enterprise phishing scams on the rise: Don’t overlook user error - Business Matters


Expedited shifts to hybrid infrastructure and remote work challenges - Help Net Security


Fake mobile version of Cyberpunk 2077 spreads ransomware - Security Affairs


FBI Warns of DoppelPaymer Ransomware Attack Surge - Bank info Security


GMIT data breach shows ugly reality behind screen of aspirational inclusivity - Irish Examiner


Google Extends Support Period for Android Devices - Security Week


Hotels.com, Expedia Sued Over Data Breach - Law Street


How to bring clarity to your critical communications strategy in 2021 - Continuity Central


IIROC schedules industry business continuity planning test - Continuity Central


Imagining a professional life without passwords - Help Net Security


Massive Cyberattack On US Government Exposes Shortcomings, Russia Named Top Suspect - E Hacking News


Microsoft and 40+ Customers Hit in Russian Espionage Attack - InfoSecurity


Microsoft says it identified 40+ victims of the SolarWinds hack - ZD Net


Microsoft was also a victim of the SolarWinds supply chain hack - Help Net Security


Mobile Security Threat to US Mobile Phones from China - CyberSecurity Insiders


MountLocker Ransomware Service Gaining Steam with Affiliates - MSSP Alert


People's Energy data breach affects all 270,000 customers - IT Pro


People’s Energy Data Breach Impacts 270,000 Customers - Silicon Co UK


Putin: the US State Department and the US intelligence agencies come up with fake about Russian hackers - E Hacking News


Ransomware’s Next Nasty Surprise: Pay Up Or We’ll Brick Your PC’s UEFI Firmware - Forbes


Service NSW not effectively handling private information: NSW Auditor-General - ZD Net


The Pros and Cons of Open-Source Tools - THWack


The US ‘National Nuclear Security Administration’ Is Among the Hacked Agencies - TechNadu


United States: Ransomware As Reminder: Back To Basics Of Cyber Readiness - Mondaq


UK Energy Firm Suffers Data Breach Impacting Entire Customer Database - InfoSecurity


What does the future of infosecurity entail? - Security Brief



17/12/2020


5 ways to lock down your Microsoft 365 account and keep hackers out - CNet


A first-hand account of ransomware: To pay or not to pay - Security Magazine


A new approach to scanning social media helps combat misinformation - Help Net Security


ACCC sues Facebook over user data breach - The Market Herald


Americans Don’t Trust the US Government — Especially with Their Data - CPO Magazine


Analysis of 5G Network Security Reveals Attack Possibilities - InfoSecurity


Attackers can exploit vulnerabilities in new 5G networks to steal subscriber data and impersonate users - Security Magazine


BEC Hits Double Digits as COVID-19 Scams Abound - InfoSecurity


Cost savings and security are key drivers of MSP adoption - Help Net Security


Digging the recently leaked Chinese Communist Party database - Security Affairs


Dutch Hacker Who Allegedly Broke into Trump’s Twitter Account Walks Free - Hot fir Security


Energy firm customers urgently warned data has been breached in hack - Birminghan Live


Enterprises Increase Security Spending but not Efficacy - Security Boulevard


“Evil mobile emulator farms” used to steal millions from US and EU banks - ARS Technica


Experts Urge Users to Ignore Facebook Christmas Bonus Scam - InfoSecurity


FBI, CISA officially confirm US govt hacks after SolarWinds breach - Bleeping Computer


Financial Services Industry Under Attack from a Surge in Credential Stuffing - InfoSecurity


FireEye, GoDaddy, and Microsoft created a kill switch for SolarWinds backdoor - Security Affairs


Get the attacker’s view on your cyber defence - Belfast Telegraph


Global account fraud decreased 23% in 2020 - Security Magazine


Google and Qualcomm Can Now Promise Four Android OS Version Upgrades - TechNadu


Hackney cyber attack causes property buyers’ deals to fall through - IT Governance


How employees view and manage company security - Help Net Security


How to Manage Shadow IT for the Benefit of Business and Employees - InfoSecurity


How to Use Password Length to Set Best Password Expiration Policy - The Hacker News


IBM launches experimental homomorphic data encryption environment for the enterprise - ZD Net


Identity Verification: Protecting Customer Data Across Borders - Security Boulevard


Investigation launched as medical details of patients found lying in street - Eastern Daily Press


Launched OSSISNa, the Observatory for the Protection of the National Strategic Industrial System -Security Affairs


Let’s backup for a second - Why cloud needs better protection - Racounter


Malicious Browser Extensions | Avast - Security Boulevard


Malicious Chrome and Edge Extensions Affect Millions of Users - InfoSecurity


Migration delays prevent AD-centric zero trust security framework adoption - Help Net Security


Mitigating Healthcare Ransomware Attacks - InfoSecurity


Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia - We Live Security


People's Energy data breach affects all 270,000 customers - BBC News


Phobos launches Orbital, a tool for finding attack pathways and entry points into your network - ZD Net


Phone scammers were able to get 270% more personal information in 2020 than in 2019 - TechRepublic


Ransomware 2.0 uses ‘pressure tactic’ to prey on organizations’ digital reputation in APAC - Back End News


Ransomware and Cyber-Extortion Payments Double in 2020 - InfoSecurity


'SocGholish' Attack Framework Powers Surge in Drive-By Attacks - Dark Reading


Software Supply-Chain Attack Hits Vietnam Government Certification Authority - The Hacker News


Stress levels are rising, but that doesn’t have to mean more security incidents - Help Net Security


The evolution of cybersecurity accessibility - Tech Engage


These Three Trends Will Shape Security And IT Challenges In 2021 - Forbes


This ‘off the shelf’ Tor backdoor malware is now a firm favorite with ransomware operators - ZD Net


Three million users installed 28 malicious Chrome or Edge extensions - ZD Net


Visual Notes : SolarWinds Supply Chain compromise using SUNBURST backdoor (detected by FireEye) - Security Boulevard


Zero-trust is the new Safe - Inquirer Net


Windows backdoor SystemBC being used by RaaS affiliates - ITWire


When zombie malware leads to big-money ransomware attacks - Naked Security by Sophos



16/12/2020


35% of organizations believe the NIS Directive expectations are unclear - Help Net Security


45 million medical images left exposed online - Help Net Security


Accelerated cloud migration may leave business data insecure - Help Net Security


Apple now shows you all the ways iOS apps track you - ZD Net


DEFCON 201 Online Meet Up — December 2020 — XmasCon - DEFCON 201


Double extortion raising the stakes for ransomware victims - teiss


Emulated mobile devices used to steal millions from US, EU banks - Bleeping Computer


EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants - Security Affairs


Facebook to move all UK users onto US agreements - BBC News


FICO launches cryptocurrency trade risk solution for banks - ZD Net


FireEye, Microsoft create kill switch for SolarWinds backdoor - Bleeping Computer


German Government Backs Bill Requiring 5G Security Pledge - Security Week


Google quietly buys company that turns your old Windows 7 PC into Chrome OS machine - ZD Net


HPE discloses critical zero-day in server management software - Bleeping Computer


How Spin-a-wheel scam is ‘phishing’ for users - The Hindu Business Line


How to avoid getting caught in ransomware's crosshairs - betanews


Is it Time to Rethink Cybersecurity Training? - InfoSecurity


Malicious Chrome, Edge extensions with 3M installs still in stores - Bleeping Computer


Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ - Krebs on Security


Malicious RubyGems packages used in cryptocurrency supply chain attack - Bleeping Computer


Microsoft Authenticator brings password autofill to mobile devices - Bleeping Computer


Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack - Security Affairs


Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow - ZD Net


Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird - Cybersecurity & Infrastructure Security Agency


New 5G Network Flaws Let Attackers Track Users' Locations and Steal Data - The Hacker News


New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor - The Hacker News


New Account Fraud Surges 28% in the UK as Global Rates Drop - InfoSecurity


New Goontact spyware discovered targeting Android and iOS users - ZD Net


New spyware used by sextortionists to blackmail iOS and Android users exposed by Lookout - Security Magazine


Prioritize Cybersecurity to Protect Your Business Before It Is Too Late - Entrepreneur


PyMICROPSIA Windows malware includes checks for Linux and macOS - Security Affairs


RAM-Generated Wi-Fi Signals Allow Data Exfiltration From Air-Gapped Systems - Security Week


Ransomware Attackers Using SystemBC Malware With RAT and Tor Proxy - The Hacker News


Ransomware gangs automate payload delivery with SystemBC malware - Bleeping Computer


Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor - Sophos


Recent Spear-Phishing Attacks Originate From Legit Accounts - Bank Info Security


Researchers develop tool that automates device programming in the IoT - Help Net Security


Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor - Threatpost


Security automation: Time for a new playbook - Help Net Security


Service NSW data breach affected 80,000 fewer people than first thought - The Sydney Morning Herald


Sextortion campaign uses Goontact spyware to target Android and iOS users - Security Affairs


Singapore adds face verification, multi-user SMS to SingPass 2FA - ZD Net


SolarWinds: Why the Sunburst hack is so serious - BBC News


SolarWinds said no other products were compromised in recent hack - ZD Net


The SolarWinds and US government breach is not a marketing opportunity - ZD Net


Thousands of D-Link VPN Routers Vulnerable to Device Takeover Attacks - Toolbox


Total Published CVEs Hits Record High for Fourth Year - InfoSecurity


Trump's Twitter account was hacked, Dutch ministry confirms - The Guardian


UK proposes new powers for comms regulator to legally unleash avenging hordes on security-breached telcos - Cyber Report


Watchdog criticises finance co-op Desjardins over data breach - The News COOP


What is Geocoding? — How to Find Coordinates of An Address - The Hacker News


15/12/2020


2021 will be a cybercrime bruiser - IT-Online


42% of security leaders said the pandemic has changed their cybersecurity priorities - Help Net Security


7 online scams you need to be aware of this Christmas - House Beautiful


Academics turn RAM into Wi-Fi cards to steal data from air-gapped systems - ZD Net


Apple addressed multiple code execution flaws in iOS and iPadOS - Security Affairs


ASD leaves TikTok ban decisions in departmental hands - ZD Net


Beware: New malwares target users in UAE, region for espionage - Khaleej Times


California Hospital Notifies 67k Patients of Data Breach - InfoSecurity


Countries that retaliate too much against cyberattacks make things worse for themselves - Help Net Security


DHS, CISA and NCSC Issue Warnings After SolarWinds Attack - InfoSecurity


DVLA issues urgent scam warning to drivers - Lancashire Telegraph


Facebook to move UK users to California terms, avoiding EU privacy rules - Reuters


Fitzsimmons claims trust is always factored into government-built tech systems - ZD Net


Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices - Security Affairs


Frauds galore in the name of ‘Work From Home’ - Telangana Today


Global Internet of Things (IoT) Security Technology Market 2020 Growth Analysis – Cisco, Trend micro, IBM, Intel, Gemalto, Infineon, HP Enterprise Company - Wall Street Call


Government Threatens Tech Firms with Fines of 10% of Turnover - InfoSecurity


Hackers Steal $8.2M Worth of NXM Tokens from Nexus Mutual CEO’s - Inside Bitcoins


High-risk vulnerabilities discovery increased 65% in 2020 - Help Net Security


Hospitals are leaving millions of sensitive medical images exposed online - ZD Net


How understanding cognitive science can strengthen cybersecurity's weak links - Tech Republic


Ireland's hospitals at risk of deadly cyber-attacks, leading security expert warns - Irish Examiner


IRS warns of scam texts claiming to send fake stimulus check - Fox32 Chicago


Magic Home Pro Mobile Application Authentication Bypass (CVE-2020-27199) - Trustwave


Major Norway cruise line Hurtigruten hit by 'comprehensive' ransomware cyberattack - USA Today


Millions of Medical Imaging Files Freely Accessible on Unprotected Servers - InfoSecurity


More than half of organizations don’t have an insider risk response plan - Help Net Security


Nearly 18,000 SolarWinds Customers Installed Backdoored Software - The Hacker News


Over 4,000 privacy complaints made about Aussie telcos in FY20 - ZD Net


Over 45 million medical images exposed by healthcare organisations - Verdict


Ransomware outed as cause of State Transit Authority outage - ITNews


Resident Evil 8 Story And Ending Leaked By Ransomware Attackers - Republic World


Russian hackers broke into the systems of the United States Department of the Treasury and Department of Commerce - E Hacking News


Secure enclave protection for AI and ML -Help Net Security


SoReL-20M Sophos & ReversingLabs release 10 million disarmed samples for malware study - Security Affairs


The Binary Security story: A cybersecurity startup run out of Darwin - ZD Net


Twitter fined ~$550K over a data breach in Ireland’s first major GDPR decision - Tech Crunch


Twitter Fined Half A Million Dollars For Late Data Breach Reporting - Mashable india



14/12/2020


10 common types of malware and how to combat the threat - DataQuest


18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack - Dark Reading


Agências dos EUA são atacadas pelo mesmo grupo que invadiu a FireEye - The Hack


Apple introduces privacy information for apps across all of its stores - ZD Net


Assessing the New Normal for Cybersecurity - Security Boulevard


Australian travel agency criticized over coding event that exposed sensitive user data to external software developers - The Daily Swig


Attackers hit US Treasury through Microsoft Office 365; SolarWinds opens door to others - ITWire


Clop Ransomware Encrypts E-Land Retail Computers After Stealing 2 Million Credit Card Details Using POS Malware - CPO Magazine


Confidence in print security drops and data breach costs rise - Computer Weekly


Counterfeit Covid-19 Vaccines are Being Offered on the Dark Web - Digit


Covid-19 ‘Vaccines’ Touted for Just $250 on Darknet - Express Computer


Cybersecurity experts hail new IoT law - Tech Republic


Cybersecurity firm warns vs ‘Ransomware 2.0’, ‘pressure tactics’ - Inquirer NET


Data Leak Exposes Details of Two Million Chinese Communist Party Members - InfoSecurity


Desjardins had 'series of gaps' in system, leading to massive data breach - Yahoo! Finance


Details for 1.9M members of Chinese Communist Party Members leaked - Security Affairs


DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report - ThreatPost


Global Espionage Campaign Used Software Supply Chain Hack To Compromise Targets, Including US Gov - Security Week


Gmail 'hacked': Google users warned of massive data breach after global outage - Express CO UK


Former Cisco Engineer Gets Two Years for $2.4M WebEx Attack - InfoSecurity


Frost & Sullivan Names Menlo Security a Growth and Innovation Leader in the APAC Web Security Market - Security Boulevard


Google’s Data Security: How Google Protects your Data from Cyber Threats? - E Hacking News


Google down: Gmail, Docs, YouTube users hit by outage - ZD Net


Google outage affecting YouTube, Gmail and more - Bleeping Computer


Google, YouTube, Gmail service suffered major outage worldwide - HackRead


Hackers breached U.S. government agencies via compromised SolarWinds Orion software - Help Net Security


Hackers line up for bumper payday ahead of record breaking Black Friday - IT Pro Portal


Hacking group’s new malware abuses Google and Facebook services - Bleeping Computer


How COVID-19 has impacted the security threat landscape - Help Net Security


How scammers target PayPal users and how you can stay safe - We Live Security


How to make DevSecOps stick with developers - Help Net Security


How to Protect and Keep Your Digital Wallets Safe - HackRead


How to recover from ransomware when prevention fails - CRN


Indiana Supreme Court deciding whether ransomware attacks are covered by insurance - 95.3 MNC


Is it Time for the Network to Shoulder More of the Burden of Information Security? - InfoSecurity


Latest cyber security worry—covid vaccines 'on sale' - The Week


Microsoft, FireEye confirm SolarWinds supply chain attack - ZD Net


Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails - ThreatPost


Microsoft removes update block for Windows 10 NVMe SSD devices - Bleeping Computer


MoleRats using Facebook, Dropbox, Google Docs to spread malware - HackRead


MountLocker ransomware now working through criminal affiliates - IT Pro


Mozilla shares fix for Netflix, Hulu errors on Apple Silicon Macs - Bleeping Computer


Norway’s Hurtigruten Hit By Major IT Hack - Life In Norway


Pornhub Removes All Unverified Content - InfoSecurity


Remote and cloud-based systems to be ruthlessly targeted next year - Help Net Security


Russian Hackers Steal Data for Months in Global Supply Chain Attacks - InfoSecurity


S.734 - Internet of Things Cybersecurity Improvement Act of 2019 - USA Congress GOV


SBI sounds alert for bank account holders over fake messages, phishing | Check details. - Zee Business


SEC filings: SolarWinds says 18,000 customers were impacted by recent hack - ZD Net


Serviços do Google passam por instabilidades nesta segunda-feira - Olhar Digital


Spotify Changes Passwords After Another Data Breach - ThreatPost


Sunburst: Supply Chain Attack Targets SolarWinds Users - Symantec Enterprise Blog


Suspected Russian Hackers Broke Into the U.S. Treasury - TechNadu


The new Wondershare PDFelement with added features - HackRead


Third-party online assets a growing security risk for retailers - Help Net Security


Three signs your SOC is ready for XDR - Help Net Security


Top US Federal Agencies Hacked by Russian Hackers – Report - HackRead


US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software - Security Affairs


U.S. Data Breach Affects Commerce, Treasury Departments - 9 and 10 News


US orders emergency actions after federal agencies confirm security breach - Industry Leaders


What’s at stake in the Computer Fraud and Abuse Act (CFAA) - Help Net Security


Windows 10 to get a built-in command-line disk space analyzer - Bleeping Computer


Your personal data could be for sale online for a lot less than you'd think - Tech Radar Pro


13/12/2020 - Domingo


'£1m fraud attempt stopped by Herts County Council staff' - Borehamwood & Elstree Times


Covid-related scams, misinformation and ransomware are on the rise: Report - The Hindu Business Line


Cyber‐attacks set to become more targeted in 2021, according to HP Inc. - PCI (Philippine Canadian Inquier)


Cybersecurity threats in 2021-The Manila Times


David Bruce: AHN donor information exposed in ransomware attack - GoErie


Facebook tracks 'OceanLotus' hackers to IT firm in Vietnam - Gadgets Now


Google reveals the most searched terms of 2020 - you'll probably guess a few… - Techradar Pro


Hacked Subway UK marketing system used in TrickBot phishing campaign - Security Affairs


Hackers selling 85,000 MySQL databases on dark web - Daiji World


Here's a Quick Guide to Safeguarding Credentials - E Hacking News


How to Set Up a VPN on a Mac in 2021 – Get a Native App, a Third-Party VPN App, or Configure Manually! - TechNadu


How to Set Up a VPN on Raspberry Pi in 2021 – Linux-Powered Privacy on Any Raspberry Device! - TechNadu


India, Australia report the highest number of targeted ransomware incidents in Asia-Pacific - The Indu Business Line


Israel's supply chain targeted in massive cyberattack - Calcalist Tech


Intel's Habana Labs hacked by Pay2Key ransomware, data stolen - Bleeping Computer


Ledger Wallet Customer Data Leak Invokes Threats, Phishing Scams, User Allegedly Loses Life Savings - Bitcoin


Pay2Key hackers stole data from Intel’s Habana Labs - Security Affairs


PgMiner botnet attacks weakly secured PostgreSQL databases - ZD Net


Popular Browsers Like Google Fail to Catch Copycat Crypto Sites, Scams Make the Top Results - Bitcoin


Ransomware hackers are now calling up their victims to add pressure - The Star


Securing your online sales from cybersecurity threats during Christmas and beyond - ITP Net


Top tips from Action Fraud to protect yourself when shopping online - Lancashire Telegraph


Week in review: FireEye breach, vulnerable TCP/IP stacks, Kali Linux and the future of pentesting - Help Net Security



12/12/2020


Adobe releases final Flash Player update, warns of 2021 kill switch - Bleeping Computer


Cyberattackers threaten to publish private data allegedly stripped from Auckland financial services company - Stuff


Dark Web’s only Finnish language market Sipulimarket seized - HackRead


Facebook links activities of OceanLotus hackers to IT firm in Vietnam - HackRead


FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning - Dark Reading


Former Cisco engineer sentenced to prison for deleting 16k Webex accounts - ZD Net


In just a few days, McDonald's customers may not like what they see - ZD Net


Microsoft Warns of Powerful New Adware - Dark Reading


NI CompactRIO controller flaw could allow disrupting production - Security Affairs


Scientists develop smartphone-read saliva testing method for Covid-19 - Gadgets Now