Notícias de Dezembro de 2020

18/12/2020

2020 broke cybersecurity records, here’s what’s to come in the new year - Help Net Security

2021 technology trends that business continuity managers need to be aware of - Continuity Central

5 essential steps needed to set up a secure e-commerce website - HackRead

5 reasons IT should consider client virtualization - Help Net Security

Analysis: The Impact of SolarWinds Hack - Data Breach Today

ASPI warns Canberra about security risk with current data centre procurement approach - ZD Net

Assurances sought Moray ambulance staff hit by data breach are receiving support - The Press and Journal

Biggest Healthcare Security Threats, Ransomware Trends into 2021 - Health IT Security

Bouncy Castle Bug Puts Bcrypt Passwords at Risk - InfoSecurity

Business email compromise (BEC) makes up 12% of the spear-phishing; reports Barracuda Networks - CXO Today

Cloud ITSM market size to grow to $12.2 billion by 2025 - Help Net Security

Decade-Long Data Silo to Address Google-Fitbit Privacy Concerns - InfoSecurity

DOJ Seizes $4 Million in Assets Tied to Phantom Secure - Data Breach Today

Enterprise phishing scams on the rise: Don’t overlook user error - Business Matters

Expedited shifts to hybrid infrastructure and remote work challenges - Help Net Security

Fake mobile version of Cyberpunk 2077 spreads ransomware - Security Affairs

FBI Warns of DoppelPaymer Ransomware Attack Surge - Bank info Security

GMIT data breach shows ugly reality behind screen of aspirational inclusivity - Irish Examiner

Google Extends Support Period for Android Devices - Security Week

Hotels.com, Expedia Sued Over Data Breach - Law Street

How to bring clarity to your critical communications strategy in 2021 - Continuity Central

IIROC schedules industry business continuity planning test - Continuity Central

Imagining a professional life without passwords - Help Net Security

Massive Cyberattack On US Government Exposes Shortcomings, Russia Named Top Suspect - E Hacking News

Microsoft and 40+ Customers Hit in Russian Espionage Attack - InfoSecurity

Microsoft says it identified 40+ victims of the SolarWinds hack - ZD Net

Microsoft was also a victim of the SolarWinds supply chain hack - Help Net Security

Mobile Security Threat to US Mobile Phones from China - CyberSecurity Insiders

MountLocker Ransomware Service Gaining Steam with Affiliates - MSSP Alert

People's Energy data breach affects all 270,000 customers - IT Pro

People’s Energy Data Breach Impacts 270,000 Customers - Silicon Co UK

Putin: the US State Department and the US intelligence agencies come up with fake about Russian hackers - E Hacking News

Ransomware’s Next Nasty Surprise: Pay Up Or We’ll Brick Your PC’s UEFI Firmware - Forbes

Service NSW not effectively handling private information: NSW Auditor-General - ZD Net

The Pros and Cons of Open-Source Tools - THWack

The US ‘National Nuclear Security Administration’ Is Among the Hacked Agencies - TechNadu

United States: Ransomware As Reminder: Back To Basics Of Cyber Readiness - Mondaq

UK Energy Firm Suffers Data Breach Impacting Entire Customer Database - InfoSecurity

What does the future of infosecurity entail? - Security Brief

17/12/2020

5 ways to lock down your Microsoft 365 account and keep hackers out - CNet

A first-hand account of ransomware: To pay or not to pay - Security Magazine

A new approach to scanning social media helps combat misinformation - Help Net Security

ACCC sues Facebook over user data breach - The Market Herald

Americans Don’t Trust the US Government — Especially with Their Data - CPO Magazine

Analysis of 5G Network Security Reveals Attack Possibilities - InfoSecurity

Attackers can exploit vulnerabilities in new 5G networks to steal subscriber data and impersonate users - Security Magazine

BEC Hits Double Digits as COVID-19 Scams Abound - InfoSecurity

Cost savings and security are key drivers of MSP adoption - Help Net Security

Digging the recently leaked Chinese Communist Party database - Security Affairs

Dutch Hacker Who Allegedly Broke into Trump’s Twitter Account Walks Free - Hot fir Security

Energy firm customers urgently warned data has been breached in hack - Birminghan Live

Enterprises Increase Security Spending but not Efficacy - Security Boulevard

“Evil mobile emulator farms” used to steal millions from US and EU banks - ARS Technica

Experts Urge Users to Ignore Facebook Christmas Bonus Scam - InfoSecurity

FBI, CISA officially confirm US govt hacks after SolarWinds breach - Bleeping Computer

Financial Services Industry Under Attack from a Surge in Credential Stuffing - InfoSecurity

FireEye, GoDaddy, and Microsoft created a kill switch for SolarWinds backdoor - Security Affairs

Get the attacker’s view on your cyber defence - Belfast Telegraph

Global account fraud decreased 23% in 2020 - Security Magazine

Google and Qualcomm Can Now Promise Four Android OS Version Upgrades - TechNadu

Hackney cyber attack causes property buyers’ deals to fall through - IT Governance

How employees view and manage company security - Help Net Security

How to Manage Shadow IT for the Benefit of Business and Employees - InfoSecurity

How to Use Password Length to Set Best Password Expiration Policy - The Hacker News

IBM launches experimental homomorphic data encryption environment for the enterprise - ZD Net

Identity Verification: Protecting Customer Data Across Borders - Security Boulevard

Investigation launched as medical details of patients found lying in street - Eastern Daily Press

Launched OSSISNa, the Observatory for the Protection of the National Strategic Industrial System -Security Affairs

Let’s backup for a second - Why cloud needs better protection - Racounter

Malicious Browser Extensions | Avast - Security Boulevard

Malicious Chrome and Edge Extensions Affect Millions of Users - InfoSecurity

Migration delays prevent AD-centric zero trust security framework adoption - Help Net Security

Mitigating Healthcare Ransomware Attacks - InfoSecurity

Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia - We Live Security

People's Energy data breach affects all 270,000 customers - BBC News

Phobos launches Orbital, a tool for finding attack pathways and entry points into your network - ZD Net

Phone scammers were able to get 270% more personal information in 2020 than in 2019 - TechRepublic

Ransomware 2.0 uses ‘pressure tactic’ to prey on organizations’ digital reputation in APAC - Back End News

Ransomware and Cyber-Extortion Payments Double in 2020 - InfoSecurity

'SocGholish' Attack Framework Powers Surge in Drive-By Attacks - Dark Reading

Software Supply-Chain Attack Hits Vietnam Government Certification Authority - The Hacker News

Stress levels are rising, but that doesn’t have to mean more security incidents - Help Net Security

The evolution of cybersecurity accessibility - Tech Engage

These Three Trends Will Shape Security And IT Challenges In 2021 - Forbes

This ‘off the shelf’ Tor backdoor malware is now a firm favorite with ransomware operators - ZD Net

Three million users installed 28 malicious Chrome or Edge extensions - ZD Net

Visual Notes : SolarWinds Supply Chain compromise using SUNBURST backdoor (detected by FireEye) - Security Boulevard

Zero-trust is the new Safe - Inquirer Net

Windows backdoor SystemBC being used by RaaS affiliates - ITWire

When zombie malware leads to big-money ransomware attacks - Naked Security by Sophos

16/12/2020

35% of organizations believe the NIS Directive expectations are unclear - Help Net Security

45 million medical images left exposed online - Help Net Security

Accelerated cloud migration may leave business data insecure - Help Net Security

Apple now shows you all the ways iOS apps track you - ZD Net

DEFCON 201 Online Meet Up — December 2020 — XmasCon - DEFCON 201

Double extortion raising the stakes for ransomware victims - teiss

Emulated mobile devices used to steal millions from US, EU banks - Bleeping Computer

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants - Security Affairs

Facebook to move all UK users onto US agreements - BBC News

FICO launches cryptocurrency trade risk solution for banks - ZD Net

FireEye, Microsoft create kill switch for SolarWinds backdoor - Bleeping Computer

German Government Backs Bill Requiring 5G Security Pledge - Security Week

Google quietly buys company that turns your old Windows 7 PC into Chrome OS machine - ZD Net

HPE discloses critical zero-day in server management software - Bleeping Computer

How Spin-a-wheel scam is ‘phishing’ for users - The Hindu Business Line

How to avoid getting caught in ransomware's crosshairs - betanews

Is it Time to Rethink Cybersecurity Training? - InfoSecurity

Malicious Chrome, Edge extensions with 3M installs still in stores - Bleeping Computer

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’ - Krebs on Security

Malicious RubyGems packages used in cryptocurrency supply chain attack - Bleeping Computer

Microsoft Authenticator brings password autofill to mobile devices - Bleeping Computer

Microsoft partnered with security firms to sinkhole the C2 used in SolarWinds hack - Security Affairs

Microsoft to quarantine SolarWinds apps linked to recent hack starting tomorrow - ZD Net

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird - Cybersecurity & Infrastructure Security Agency

New 5G Network Flaws Let Attackers Track Users' Locations and Steal Data - The Hacker News

New Evidence Suggests SolarWinds' Codebase Was Hacked to Inject Backdoor - The Hacker News

New Account Fraud Surges 28% in the UK as Global Rates Drop - InfoSecurity

New Goontact spyware discovered targeting Android and iOS users - ZD Net

New spyware used by sextortionists to blackmail iOS and Android users exposed by Lookout - Security Magazine

Prioritize Cybersecurity to Protect Your Business Before It Is Too Late - Entrepreneur

PyMICROPSIA Windows malware includes checks for Linux and macOS - Security Affairs

RAM-Generated Wi-Fi Signals Allow Data Exfiltration From Air-Gapped Systems - Security Week

Ransomware Attackers Using SystemBC Malware With RAT and Tor Proxy - The Hacker News

Ransomware gangs automate payload delivery with SystemBC malware - Bleeping Computer

Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor - Sophos

Recent Spear-Phishing Attacks Originate From Legit Accounts - Bank Info Security

Researchers develop tool that automates device programming in the IoT - Help Net Security

Ryuk, Egregor Ransomware Attacks Leverage SystemBC Backdoor - Threatpost

Security automation: Time for a new playbook - Help Net Security

Service NSW data breach affected 80,000 fewer people than first thought - The Sydney Morning Herald

Sextortion campaign uses Goontact spyware to target Android and iOS users - Security Affairs

Singapore adds face verification, multi-user SMS to SingPass 2FA - ZD Net

SolarWinds: Why the Sunburst hack is so serious - BBC News

SolarWinds said no other products were compromised in recent hack - ZD Net

The SolarWinds and US government breach is not a marketing opportunity - ZD Net

Thousands of D-Link VPN Routers Vulnerable to Device Takeover Attacks - Toolbox

Total Published CVEs Hits Record High for Fourth Year - InfoSecurity

Trump's Twitter account was hacked, Dutch ministry confirms - The Guardian

UK proposes new powers for comms regulator to legally unleash avenging hordes on security-breached telcos - Cyber Report

Watchdog criticises finance co-op Desjardins over data breach - The News COOP

What is Geocoding? — How to Find Coordinates of An Address - The Hacker News

15/12/2020

2021 will be a cybercrime bruiser - IT-Online

42% of security leaders said the pandemic has changed their cybersecurity priorities - Help Net Security

7 online scams you need to be aware of this Christmas - House Beautiful

Academics turn RAM into Wi-Fi cards to steal data from air-gapped systems - ZD Net

Apple addressed multiple code execution flaws in iOS and iPadOS - Security Affairs

ASD leaves TikTok ban decisions in departmental hands - ZD Net

Beware: New malwares target users in UAE, region for espionage - Khaleej Times

California Hospital Notifies 67k Patients of Data Breach - InfoSecurity

Countries that retaliate too much against cyberattacks make things worse for themselves - Help Net Security

DHS, CISA and NCSC Issue Warnings After SolarWinds Attack - InfoSecurity

DVLA issues urgent scam warning to drivers - Lancashire Telegraph

Facebook to move UK users to California terms, avoiding EU privacy rules - Reuters

Fitzsimmons claims trust is always factored into government-built tech systems - ZD Net

Flaws in Medtronic MyCareLink can allow attackers to take over implanted cardiac devices - Security Affairs

Frauds galore in the name of ‘Work From Home’ - Telangana Today

Global Internet of Things (IoT) Security Technology Market 2020 Growth Analysis – Cisco, Trend micro, IBM, Intel, Gemalto, Infineon, HP Enterprise Company - Wall Street Call

Government Threatens Tech Firms with Fines of 10% of Turnover - InfoSecurity

Hackers Steal $8.2M Worth of NXM Tokens from Nexus Mutual CEO’s - Inside Bitcoins

High-risk vulnerabilities discovery increased 65% in 2020 - Help Net Security

Hospitals are leaving millions of sensitive medical images exposed online - ZD Net

How understanding cognitive science can strengthen cybersecurity's weak links - Tech Republic

Ireland's hospitals at risk of deadly cyber-attacks, leading security expert warns - Irish Examiner

IRS warns of scam texts claiming to send fake stimulus check - Fox32 Chicago

Magic Home Pro Mobile Application Authentication Bypass (CVE-2020-27199) - Trustwave

Major Norway cruise line Hurtigruten hit by 'comprehensive' ransomware cyberattack - USA Today

Millions of Medical Imaging Files Freely Accessible on Unprotected Servers - InfoSecurity

More than half of organizations don’t have an insider risk response plan - Help Net Security

Nearly 18,000 SolarWinds Customers Installed Backdoored Software - The Hacker News

Over 4,000 privacy complaints made about Aussie telcos in FY20 - ZD Net

Over 45 million medical images exposed by healthcare organisations - Verdict

Ransomware outed as cause of State Transit Authority outage - ITNews

Resident Evil 8 Story And Ending Leaked By Ransomware Attackers - Republic World

Russian hackers broke into the systems of the United States Department of the Treasury and Department of Commerce - E Hacking News

Secure enclave protection for AI and ML -Help Net Security

SoReL-20M Sophos & ReversingLabs release 10 million disarmed samples for malware study - Security Affairs

The Binary Security story: A cybersecurity startup run out of Darwin - ZD Net

Twitter fined ~$550K over a data breach in Ireland’s first major GDPR decision - Tech Crunch

Twitter Fined Half A Million Dollars For Late Data Breach Reporting - Mashable india

14/12/2020

10 common types of malware and how to combat the threat - DataQuest

18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack - Dark Reading

Agências dos EUA são atacadas pelo mesmo grupo que invadiu a FireEye - The Hack

Apple introduces privacy information for apps across all of its stores - ZD Net

Assessing the New Normal for Cybersecurity - Security Boulevard

Australian travel agency criticized over coding event that exposed sensitive user data to external software developers - The Daily Swig

Attackers hit US Treasury through Microsoft Office 365; SolarWinds opens door to others - ITWire

Clop Ransomware Encrypts E-Land Retail Computers After Stealing 2 Million Credit Card Details Using POS Malware - CPO Magazine

Confidence in print security drops and data breach costs rise - Computer Weekly

Counterfeit Covid-19 Vaccines are Being Offered on the Dark Web - Digit

Covid-19 ‘Vaccines’ Touted for Just $250 on Darknet - Express Computer

Cybersecurity experts hail new IoT law - Tech Republic

Cybersecurity firm warns vs ‘Ransomware 2.0’, ‘pressure tactics’ - Inquirer NET

Data Leak Exposes Details of Two Million Chinese Communist Party Members - InfoSecurity

Desjardins had 'series of gaps' in system, leading to massive data breach - Yahoo! Finance

Details for 1.9M members of Chinese Communist Party Members leaked - Security Affairs

DHS Among Those Hit in Sophisticated Cyberattack by Foreign Adversaries – Report - ThreatPost

Global Espionage Campaign Used Software Supply Chain Hack To Compromise Targets, Including US Gov - Security Week

Gmail 'hacked': Google users warned of massive data breach after global outage - Express CO UK

Former Cisco Engineer Gets Two Years for $2.4M WebEx Attack - InfoSecurity

Frost & Sullivan Names Menlo Security a Growth and Innovation Leader in the APAC Web Security Market - Security Boulevard

Google’s Data Security: How Google Protects your Data from Cyber Threats? - E Hacking News

Google down: Gmail, Docs, YouTube users hit by outage - ZD Net

Google outage affecting YouTube, Gmail and more - Bleeping Computer

Google, YouTube, Gmail service suffered major outage worldwide - HackRead

Hackers breached U.S. government agencies via compromised SolarWinds Orion software - Help Net Security

Hackers line up for bumper payday ahead of record breaking Black Friday - IT Pro Portal

Hacking group’s new malware abuses Google and Facebook services - Bleeping Computer

How COVID-19 has impacted the security threat landscape - Help Net Security

How scammers target PayPal users and how you can stay safe - We Live Security

How to make DevSecOps stick with developers - Help Net Security

How to Protect and Keep Your Digital Wallets Safe - HackRead

How to recover from ransomware when prevention fails - CRN

Indiana Supreme Court deciding whether ransomware attacks are covered by insurance - 95.3 MNC

Is it Time for the Network to Shoulder More of the Burden of Information Security? - InfoSecurity

Latest cyber security worry—covid vaccines 'on sale' - The Week

Microsoft, FireEye confirm SolarWinds supply chain attack - ZD Net

Microsoft Office 365 Credentials Under Attack By Fax ‘Alert’ Emails - ThreatPost

Microsoft removes update block for Windows 10 NVMe SSD devices - Bleeping Computer

MoleRats using Facebook, Dropbox, Google Docs to spread malware - HackRead

MountLocker ransomware now working through criminal affiliates - IT Pro

Mozilla shares fix for Netflix, Hulu errors on Apple Silicon Macs - Bleeping Computer

Norway’s Hurtigruten Hit By Major IT Hack - Life In Norway

Pornhub Removes All Unverified Content - InfoSecurity

Remote and cloud-based systems to be ruthlessly targeted next year - Help Net Security

Russian Hackers Steal Data for Months in Global Supply Chain Attacks - InfoSecurity

S.734 - Internet of Things Cybersecurity Improvement Act of 2019 - USA Congress GOV

SBI sounds alert for bank account holders over fake messages, phishing | Check details. - Zee Business

SEC filings: SolarWinds says 18,000 customers were impacted by recent hack - ZD Net

Serviços do Google passam por instabilidades nesta segunda-feira - Olhar Digital

Spotify Changes Passwords After Another Data Breach - ThreatPost

Sunburst: Supply Chain Attack Targets SolarWinds Users - Symantec Enterprise Blog

Suspected Russian Hackers Broke Into the U.S. Treasury - TechNadu

The new Wondershare PDFelement with added features - HackRead

Third-party online assets a growing security risk for retailers - Help Net Security

Three signs your SOC is ready for XDR - Help Net Security

Top US Federal Agencies Hacked by Russian Hackers – Report - HackRead

US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software - Security Affairs

U.S. Data Breach Affects Commerce, Treasury Departments - 9 and 10 News

US orders emergency actions after federal agencies confirm security breach - Industry Leaders

What’s at stake in the Computer Fraud and Abuse Act (CFAA) - Help Net Security

Windows 10 to get a built-in command-line disk space analyzer - Bleeping Computer

Your personal data could be for sale online for a lot less than you'd think - Tech Radar Pro

13/12/2020 - Domingo

'£1m fraud attempt stopped by Herts County Council staff' - Borehamwood & Elstree Times

Covid-related scams, misinformation and ransomware are on the rise: Report - The Hindu Business Line

Cyber‐attacks set to become more targeted in 2021, according to HP Inc. - PCI (Philippine Canadian Inquier)

Cybersecurity threats in 2021-The Manila Times

David Bruce: AHN donor information exposed in ransomware attack - GoErie

Facebook tracks 'OceanLotus' hackers to IT firm in Vietnam - Gadgets Now

Google reveals the most searched terms of 2020 - you'll probably guess a few… - Techradar Pro

Hacked Subway UK marketing system used in TrickBot phishing campaign - Security Affairs

Hackers selling 85,000 MySQL databases on dark web - Daiji World

Here's a Quick Guide to Safeguarding Credentials - E Hacking News

How to Set Up a VPN on a Mac in 2021 – Get a Native App, a Third-Party VPN App, or Configure Manually! - TechNadu

How to Set Up a VPN on Raspberry Pi in 2021 – Linux-Powered Privacy on Any Raspberry Device! - TechNadu

India, Australia report the highest number of targeted ransomware incidents in Asia-Pacific - The Indu Business Line

Israel's supply chain targeted in massive cyberattack - Calcalist Tech

Intel's Habana Labs hacked by Pay2Key ransomware, data stolen - Bleeping Computer

Ledger Wallet Customer Data Leak Invokes Threats, Phishing Scams, User Allegedly Loses Life Savings - Bitcoin

Pay2Key hackers stole data from Intel’s Habana Labs - Security Affairs

PgMiner botnet attacks weakly secured PostgreSQL databases - ZD Net

Popular Browsers Like Google Fail to Catch Copycat Crypto Sites, Scams Make the Top Results - Bitcoin

Ransomware hackers are now calling up their victims to add pressure - The Star

Securing your online sales from cybersecurity threats during Christmas and beyond - ITP Net

Top tips from Action Fraud to protect yourself when shopping online - Lancashire Telegraph

Week in review: FireEye breach, vulnerable TCP/IP stacks, Kali Linux and the future of pentesting - Help Net Security

12/12/2020

Adobe releases final Flash Player update, warns of 2021 kill switch - Bleeping Computer

Cyberattackers threaten to publish private data allegedly stripped from Auckland financial services company - Stuff

Dark Web’s only Finnish language market Sipulimarket seized - HackRead

Facebook links activities of OceanLotus hackers to IT firm in Vietnam - HackRead

FBI, CISA, MS-ISAC: Cybercriminals Increasingly Attacking K-12 Distance Learning - Dark Reading

Former Cisco engineer sentenced to prison for deleting 16k Webex accounts - ZD Net

In just a few days, McDonald's customers may not like what they see - ZD Net

Microsoft Warns of Powerful New Adware - Dark Reading

NI CompactRIO controller flaw could allow disrupting production - Security Affairs

Scientists develop smartphone-read saliva testing method for Covid-19 - Gadgets Now

Several Companies Are Tracking Smartphone Users Through Ads - TechNadu

Subway marketing system hacked to send TrickBot malware emails - Bleeping Computer

WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack - Security Affairs

11/12/2020

2021 predictions: The rise of cyber resilience - Help Net Security

40% of COVID-19 contact tracing apps lack basic protections - Help Net Security

6 Biggest Healthcare Data Breaches of 2020 - Toolbox

Ad-injecting malware hijacks Chrome, Edge, Firefox - Help Net Security

Adrozek malware silently inject ads into search results in multiple browsers - Security Affairs

Advantech Hit by Ransomware - Electropages

Analysis of FireEye Breach: Is Nothing Safe? - Bank Info Security

Australian intelligence community seeking to build a top-secret cloud - ZD Net

Brazil’s Health Ministry’s Website Data Leak Exposed 243 Million Medical Records for More Than 6 Months - CPO Magazine

CISA and FBI warn of rise in ransomware attacks targeting K-12 schools - ZD Net

Cisco 9.9/10-severity bug: Patch these dangerous Jabber flaws for Windows, macOS - ZD Net

CISOs Preparing for DNS Attacks Over Christmas - Infosecurity

Communications department flags idea of tying telco licences to cyber capability - ZD Net

Could you be your organisation’s biggest cyber threat? - Wired

CPRA hints at the future of cybersecurity and privacy - Help Net Security

Criminals are getting better at spoofing banking services - IT Pro Portal

Critical CSRF vulnerability found on Glassdoor company review platform - ZD Net

Cyber Resilience And Cybersecurity: Key Differences And Why Both Are Important - Host Review

East Devon council data breach under investigation - DevonLive

Engineers design transistor that disguises key computer chip hardware from hackers - Help Net Security

Facebook doxes APT32, links Vietnam's primary hacking group to local IT firm - ZD Net

Facebook unmasks Vietnam’s APT32 hacking group - Bleeping Computer

Governance Considerations for Democratizing Your Organization's Data in 2021 - The Hacker News

How Do Cyber Criminals Hack Your Mobile In The Digital Age? - CXO Today

How to Inspect Suspicious Links Using Your Browser's Inbuilt Tools - Make Use Of

IoT Threat Hunting Detects Over One Billion Attack - InfoSecurity

Is your trading app putting your money at risk? - We Live Security

Kaspersky researcher provides protection tips for tainted QR codes - Information Age

Lengthy Ransomware Campaign Already Compromised 83K MySQL Servers - TechNadu

Mastercard, Visa cut card payment ties with Pornhub over child abuse, illegal content allegations - ZD Net

Microsoft adds 64-bit application support to Windows 10 on ARM - Bleeping Computer

Microsoft: New malware can infect over 30K Windows PCs a day - Bleeping Computer

More Than A Million Dental Patients At Risk After Data Breach - The National Memo

Most IT decision makers don’t trust data, but 54% still use it to make decisions - Help Net Security

Netgain, IT service provider and Web Hosting Internet Giant forced to take its data servers offline due to a heavy ransomware attack - JBJ News

Personal data of 7 million indian debit and credit card users leaked on Dark Web, claims cybersecurity researcher - Tech2

Private data of 7 million Indian cardholders leaked - Asianet Newsable

Report: 78% cyber pros expect increase in DNS threats - Advanced Television

Research: Millions of smart devices vulnerable to hacking - Japan Today

Researchers found 37,000 fake brand websites aiming to fool holiday shoppers - IT Pro

SABC confirms that its website was hacked - My Broad Band

Spotify Resets User Passwords Following Account Data Exposure Incident - TechNadu

Scamwatch: Don't get pinned by this SMS scam - Grenfell Record

Tax Relief Biz Exposed Personal Info on 100,000 Clients - InfoSecurity

The Cybersecurity 202: Spiking ransomware attacks against schools make pandemic education even harder - The Washington Post

Threat actors target K-12 distance learning education, CISA and FBI warn - Security Affairs

Third-Party Risk Management: How to Get Your Vendors on Board - Security Boulevard

‘Tis the season for online fraud: Cybercriminals are on the prowl as consumers aim to spend big this Christmas - Hot For Security

‘TSYS’ Downplays Ransomware Incident but Data Is Already Leaking - TechNadu

Watch Out! Adrozek Malware Hijacking Chrome, Firefox, Edge, Yandex Browsers - The Hacker News

10/12/2020

4 security bugs discovered in games on Valve's Steam platform - TechRepublic

250,000 stolen MySQL databases for sale on dark web auction site - Bleeping Computer

2020 to reach vulnerability disclosure levels similar to those in 2019 - Help Net Security

A Road Map for Tackling Cybercrime - Lawfare

Attack on Vermont Medical Center is costing the hospital $1.5M a day - Security Affairs

Businesses Warned of Tax ID Thieves - CPA Pratice Advisor

Chinese APT suspected of supply chain attack on Mongolian government agencies - ZD Net

Cibercrime acessa dados da vacina Pfizer/BioNTech - Security Report

Cisco fixes new Jabber for Windows critical code execution bug - Bleeping Computer

Crypto And Blockchain Adoption Depends on Security, Trust & User Experience - Crypto News

Cryptoverse Warns: Protect Your Bitcoin From Fake Ledger Apps - Crypto News

Cyber Helpline Receives Lottery Funding to Help Growing Number of Victims - InfoSecurity

Decrypting Diversity and Inclusion in Cybersecurity - InfoSecurity

Facebook faces US lawsuits that could force sale of Instagram, Whats App - Gadgets Now

Focus on Identity and Access Management to Secure Remote Workforce - InfoSecurity

Foxconn Refused To Pay $34.5 Million In A Recent Ransomware Attack - Research Snipers

Google’s Plans for More Private and Secure Chrome Extensions in 2021 - TechNadu

Govt warned vulnerable need legal protection from scams - FT Adviser

Group-IB TI&A found compliant with recommendations by US Department of Justice - Help Net Security

Hackers are selling more than 85,000 SQL databases on a dark web portal - ZD Net

Hackers can use WinZip insecure server connection to drop malware - Bleeping Computer

Hackers Raid European Agency for Pfizer Vaccine Docs - InfoSecurity

How do I select cyber insurance for my business? - Help Net Security

How phishing attacks continue to exploit COVID-19 - TechRepublic

Indústria de Segurança na mira dos hackers - Security Report

Internet connection back to normal post ransomware attack: Foxconn - Express Computer

Leaky Elasticsearch Server Reveals Massive Instagram Click Farm - InfoSecurity

“Molerats” Using New Tools in Middle East Espionage Campaign - TechNadu

Microsoft exposes Adrozek, malware that hijacks Chrome, Edge, and Firefox - ZD Net

Minor Behind 2016 PlayStation DDoS Attacks - InfoSecurity

Misery of Ransomware Hits Hospitals the Hardest - Threatpost

njRAT Trojan operators are now using Pastebin as alternative to central command server - ZD Net

North Korea’s Cyber-Offense Strategy Evolving to Focus on International Economic Targets - InfoSecurity

NSW's new information and privacy committee to advise government on best practices - ZD Net

One in ten financial organisations take over a month to fully recover from a ransomware attack, finds Veritas Technologies survey - Global Banking & Finance Review

One Million US Dental Patients Impacted by Data Breach - InfoSecurity

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company - Krebs on Security

Pfizer, BioNTech COVID-19 Vaccine Data Breached in EU Regulator Hack - Health IT Security

Pfizer COVID-19 Vaccine Targeted in EU Cyberattack - Threatpost

Phishers bypass Microsoft 365 security controls by spoofing Microsoft com - Help Net Security

Phishing Attack Targets Vaccine Supply Chain; Linked to Charitable Gavi Project, Attempts Recorded Throughout Europe and Asia - CPO Magazine

Police warning of a new 'DPD delivery' scam - Oxford Mail

Proof-of-concept exploit code published for new Kerberos Bronze Bit attack - ZD Net

Ransomware Campaign Targets MySQL Servers - InfoSecurity

Remote code execution vulnerability uncovered in Starbucks mobile platform - ZD Net

Researchers expose the stress levels of workers at different job positions - Help Net Security

Senior Managers Set Terrible Example for Secure Remote Working - InfoSecurity

Spammers Get Better at Impersonating Banking Services, Use Lingo and Legit Layouts to Con Victims - Hot For Security

Teen who shook the Internet in 2016 pleads guilty to DDoS attacks - Bleeping Computer

The 10 Biggest Healthcare Data Breaches of 2020 - Health IT Security

Tourism agency in Little Rock target of hack - Northwest Arkansas online

U.S. warns of increased cyberattacks against K-12 distance learning - Bleeping Computer

Unsophisticated fraud attacks increase, first-time fraudsters more prevalent - Help Net Security

Valve's Steam Server Bugs Could've Let Hackers Hijack Online Games - The Hacker News

Vendor ransomware attack disrupts DSW's inventory management - Retail Dive

When Do You ‘Exceed’ Your Authorization to Use Computer Data? - Security Boulevard

Why Next-Gen Firewalls Miss the Mark for Today’s Remote Workforce - Security Boulevard

09/12/2020

A dying man, a therapist and the ransom raid that shook the world - Wired

A guide to cyber security for e-commerce businesses - IT Governance

Achieving Complete Control Across Your SaaS Applications: Is it Possible? - InfoSecurity

Adobe security update squashes critical vulnerabilities in Lightroom, Prelude - ZD Net

Alleged Cyber-Stalker Indicted for Murder - Threatpost

Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices - The Hacker News

Animal Jam data breach: 100,000 de-hashed user records leaked, 900,000 more sold on hacker forum - European Gaming

Apache Software Foundation fixes code execution flaw in Apache Struts 2 - Security Affairs

Christchurch terrorist's radicalisation shows the limits of surveillance and censorship - ZD Net

COVID-19 vaccine data has been unlawfully accessed in hack of EU regulator - ARS Technica

Credit card stealer hides in CSS files of hacked online stores - Bleeping Computer

Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen - The Hacker News

Data Loss Reports to ICO Increase Once Again - InfoSecurity

Data Of 70 Lakh Indian Credit, Debit Card Holders Leaked Online: Report - India Times

Democratização de conhecimento em Segurança da Informação e investimento no Social - SegInfo

DHS-CISA urges admins to patch OpenSSL DoS vulnerability - Bleeping Computer

DSR Family Products: DSR-250 - Rev. Ax :: F/W v3.17 & Older - Unauthenticated & Authenticated Command Injection Vulnerabilities - D-Link

D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws - ThreatPost

Ethical hacker career path advice: Getting started - TechTarget

European Medicines Agency targeted by cyber attack - Security Affairs

‘Fax Express’ Has Leaked the Credentials of Half a Million of Its Customers - TechNadu

FireEye breach: State-sponsored attackers stole hacking tools - Help Net Security

For Most Companies, Securing Remote Work is Unfinished Business - InfoSecurity

Global Cybercrime Losses Cross $1 Trillion Mark - Dark Reading

Governments on alert after FireEye’s hacking tools stolen in cyber attack - IT Governance

Hackers 'sequestram' rede da Foxconn, maior montadora de iPhones - TecMundo

Hackers hide web skimmer inside a website's CSS files - ZD Net

Happy Holidays, Cyber-Crooks are Coming for You - Hot For Security

Home Depot Settles Data Breach Case Eerily Similar to Target’s - Legal Reader

How Backup can be an Effective Defense Against Ransomware - CIO Applications

How Kali Linux creators plan to handle the future of penetration testing - Help Net Security

Is It Time For CEOs To Be Personally Liable For Cyber-Physical Security Incidents? - Cymulate Blog

Israel’s Cybereason uncovers Middle East malware attack via Facebook and Dropbox - Calcalist

IT Workers Fear Becoming Obsolete in Cyber Roles - InfoSecurity

Microsoft Patches Just 58 CVEs in Light December Update - InfoSecurity

New Data Breach Survey Exposes Lack of GDPR Compliance in UK Businesses - Business Manchester

New Malware Arsenal Abusing Cloud Platforms in Middle East Espionage Campaign - Cybereason

Oblivious DoH: Cloudflare supports new privacy, security-focused DNS standard - ZD Net

Ohio Medical Practice Fires Employee Over Patient Privacy Breach - Hot For Security

Open source contributors spending no time on security - Help Net Security

Pandemic Waves Underscore Vulnerabilities in Cloud File Systems - Security Boulevard

Practice Certified Ethical Hacker exam questions - TechTarget

Qbot malware switched to stealthy new Windows autostart method - Bleeping Computer

Ransomware Attackers Professionalizing Operations with Partnership Platforms - InfoSecurity

Ransomware gangs are getting faster at encrypting networks. That will make them harder to stop - ZD Net

Record Levels of Software Bugs Plague Short-Staffed IT Teams in 2020 - Threatpost

Rising physical threats putting leaders under pressure - Help Net Security

Russian hackers hide Zebrocy malware in virtual disk images - Bleeping Computer

Seven Ways We’ve Helped our Partners Transform to Digital Reality During COVID - Security Boulevard

SideWinder APT Targets Nepal, Afghanistan in Wide-Ranging Spy Campaign - Threatpost

Suspected Russian Attackers Steal FireEye Red Team Tools - InfoSecurity

The importance of computer identity in network communications: how to protect it and prevent its theft - Security Affairs

The Unintended Data Security Consequences of Remote Collaboration - InfoSecurity

Vulnerabilities Found in Multiple GE Imaging Systems - InfoSecurity

Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack -Help Net Security

08/12/2020

3 Security Assessments All Health IT Teams Should Know - Health Tech

14% of insurance workers fail global phishing test - Insurance Business

2021: organizations will begin to focus on cyber resilience - Continuity Central

Achieving digital transformation by overcoming identity fatigue - Help Net Security

All Kubernetes versions affected by unpatched MiTM vulnerability - Bleeping Computer

Amnesia:33 vulnerabilities impact millions of smart and industrial devices - ZD Net

Apple Manufacturer Foxconn Confirms Cyberattack - ThreatPost

Avast Cybersecurity Experts Predict Covid-19 Vaccination Scams and Deepfake Disinformation Campaigns for 2021 - Stockhouse

Beware this new spear-phishing campaign that mirrors official spoofs Microsoft Exchange emails - TechRadar Pro

BTC-E operator Alexander Vinnik gets five years in jail - Coingeek

Cameroonian “Puppy Scammer” Arrested in Romania and Website Taken Down - TechNadu

Combating the virtual and physical threats banks face - Help Net Security

Credit card stealing malware bundles backdoor for easy reinstall - Bleeping Computer

Cybersecurity 101: Protect your privacy from hackers, spies, and the government - ZD Net

D-Link routers vulnerable to remotely exploitable root command injection flaw - Help Net Security

D-Link VPN routers get patch for remote command injection bugs - Bleeping Computer

DeathStalker: a detailed look at a mercenary APT group that targets businesses in the Middle East - Zawya

Exploring the shared responsibility model behind cloud security - Arabian Business

FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community - FireEye

Foxconn hit with record-breaking $34 million ransom demand after cyber attack - Hot For Security

Foxconn says internet connection back to normal after ransomware attacks - Reuters

Hackers are targeting companies in the vaccine distribution chain, warns IBM - The Washington Newsday

Hackers leak key data from Brazilian airplane maker Embraer - The Sentinental

Home Affairs likens critical infrastructure protections to insurance and crime-fighting - ZD Net

Home depto settles with states following data breach - TechGenix

How the coronavirus outbreak will affect cybersecurity in 2021 - Tech Republic

IMF says cyber attacks threaten financial stability - IT news

Keep your social media accounts private - Telangana Today

Key cybersecurity problems expected to mark 2021 - Help Net Security

Major spike in cyber attacks on Israeli companies - Tehran Times

Millions of smart devices vulnerable to hacking, cybersecurity researchers say - Star Advertiser

Most pros are concerned about cybersecurity risks related to 5G adoption - Help Net Security

Norway says Russian hacking group APT28 is behind August 2020 Parliament hack - ZD Net

One in Five Online Marketplace Listings Show Signs of Fraud - InfoSecurity

PlayStation Now Fixes Vulnerability That Allowed Attackers to Run RCE on Windows PCs - Hot For Security

Remote security concerns drive communications in the future - Help Net Security

Researchers Find Way to Break Into “Ingenico” Telium 2 POS Terminals - TechNadu

Saint John network will continue to be offline until 2021 after cyberattack - CBC

Scammers spoof Target's gift card balance checking page - Bleeping Computer

Severe MDHexRay bug affects 100+ GE Healthcare imaging systems - Bleeping Computer

Spearphishing Attack Spoofs Microsoft.com to Target 200M Office 365 Users - ThreatPost

Targeted Cyberattacks Require Targeted Security Awareness Training - Security Boulevard

Using Security Automation to Stay a Step Ahead in these Challenging Times - InfoSecurity

Why companies should stop scaring employees about cybersecurity - Mint

07/12/2020

2020's worst cryptocurrency breaches, thefts, and exit scams - ZD Net

A ransomware attack hit the Greater Baltimore Medical Center - Security Affairs

Amazon AWS e IBM Cloud tiveram falha em serviços de nuvem no Brasil - Tecnoblog

Apple iPhone users, there's a new scam you need to be careful about - Gadgets Now

Apple releases HomePod software update 14.2.1 - National Cybersecurity News

As US hospitals cope with a Covid-19 surge, cyber threats loom - The Star

Baltimore County Officials Says No Data Stolen During Ransomware Attack - CBS Baltomire

Beware of five holiday phishing email subjects - The Sentinel Record

Brazil's population exposed in Ministry of Health leaks - ZD Net

Chinese Breakthrough in Quantum Computing a Warning for Security Teams - ThreatPost

Cisco fixes Security Manager vulnerabilities with public exploits - Bleeping Computer

Credit card stealer discovered in social media buttons - ZD Net

Cyber security threats to financial organisations in 2021 - The Hindu Business Line

Cyber warfare booming in the Middle East - ITWire

Cybercrime costs the world more than $1 trillion, a 50% increase from 2018 - Help Net Security

Cybercrime costs to top $1 trillion this year: researchers - Tech Xplore

Cyberpunk 2077 free download hoax - Kaspersky Daily

Data Breach at Alaskan Online Voter Registration System Exposes Personal Info of Over 100,000 Voters - Hot For Security

Data breach: plugging a hole to save your company’s skin - Dynamic Business

Digital thought clones manipulate real-time online behavior - Help Net Security

Divers just found this World War II Enigma machine dumped on the seabed - ZD Net

DMARC inching its way onto Australian government domains - ZD Net

DMV Phishing Scam Circulating In New City: Clarkstown Police - Patch

Don’t get hooked by GDPR compliance phishing scams - ITPro Portal

Egregor Ransomware Steals Data from Recruiter Randstad - InfoSecurity

Embraer faces ransomware attack, affecting operations - Info Tech Lead

Ensuring security across a remote workforce - DataQuest

Europol: Beware Fake Dark Web COVID19 Vaccines - InfoSecurity

Facial recognition payments(Face ID) to be introduced in Moscow metro in 2021 - E Hacking News

Flight Center leaks customer data in an incredibly stupid way - Tech Radar Pro

Foxconn electronics giant hit by ransomware, $34 million ransom - Bleeping Computer

Free ‘Cyberpunk 2077’ Downloads Are Nothing but Lies - TechNadu

Google: These new data-leaking website attacks are a growing menace - ZD Net

Google has an employee ‘problem’ again: What you need to know - Gadgets Now

Gulf cyber threat grows as region embraces cashless payments - Arabian Business

Hackers leak data from Embraer, world's third-largest airplane maker - ZD Net

Hacker opens 2,732 PickPoint package lockers across Moscow - ZD Net

Healthcare in Crisis: Diagnosing Cybersecurity Shortcomings in Unprecedented Times - ThreatPost

How can companies secure a hybrid workforce in 2021? - Help Net Security

How DMARC Can Stop Criminals Sending Fake Emails on Behalf of Your Domain - The Hacker News

How India's cyber agency is fighting evolving threats - The Sentinel

How to remove yourself from Internet search results and hide your identity - ZD Net

Italian police arrest suspects in Leonardo military, defense data theft - ZD Net

Iranian RANA Android Malware Also Spies On Instant Messengers - The Hacker News

Israel: Government to reconsider using Shirbit insurance after large cyberattack - The Jerusalem Post

Israel shaken by data leak after ransomware attack at Shirbit insurance company - Hot For Security

'It's a free-for-all': how hi-tech spyware ends up in the hands of Mexico's cartels - The Guardian

Law firm accuses HMRC of ‘incompetence’ following 11 serious data breaches - Information Age

Malicious actors publish data stolen from fuel company - Insurance Business

Maryland hospital reports IT outage after ransomware attack - Becker's Health IT

National Academy of Elder Law Attorneys (NAELA) Empowers Consumers Against Scams - Dark Reading

NortonLifeLock purchases Avira for $360 million - Bleeping Computer

NSA says Russian state hackers are using a VMware flaw to ransack networks - ARS Technica

NSA Warns: Patched VMware Bug Under Active Attack - ThreatPost

OAIC finds Flight Centre breached privacy of almost 7,000 customers in 2017 - ZD Net

Payment Card Skimmer Group Using Raccoon Info-Stealer to Siphon Off Data - The Hacker News

Phishing simulation reveals more than 70% of public sector workers who clicked on malicious link ended up compromising passwords - IT World Canada

PlayStation Now bugs let sites run malicious code on Windows PCs - Bleeping Computer

QNAP High-Severity Flaws Plague NAS Systems - ThreatPost

Phishing Campaign Targets 200M Microsoft 365 Accounts - Dark Reading

Rana Android Malware - Reversing Labs

Ransom payouts hit record-highs, surging 178% in a year - Yahoo Financial

RansomExx Ransomware Gang Dumps Stolen Embraer Data: Report - ThreatPost

Ransomware attacks pose 2021 challenges for Congress - The Hill

Ransomware Group Now Leaking Data Stolen From ‘Embraer’ - TechNadu

Ransomware Incident Impacts Greater Baltimore Medical Center Computer Systems - CBS Baltimore

Six cryptographic trends we’ll see next year - Help Net Security

SMS: Texting numeric strings is the best holiday gift to cyberthieves - Computer World

Techno-nationalism isn’t going to solve our cyber vulnerability problem - Help Net Security

Tips From a Hacker to Keep Smartphones Safe - Security Boulevard

The biggest hacks, data breaches of 2020 - ZD Net

The legal implications for medtech firms and cybersecurity - Med-Tech News

Trends every IT leader needs to know to empower the enterprise - Help Met Security

US Cyber Command and Australian IWD to develop shared cyber training range - Security Affairs

Verizon Report Finds Cyber Espionage Attacks Aimed Mostly at Endpoints - Security Boulevard

WhatsApp fora do ar: app está com problemas nesta segunda-feira (7) - TecMundo

06/12/2020 - Domingo

Data Breach: HR Consulting Giant Randstad Hit by Egregor Ransomware - E Hacking News

Dental clinic learns of ransomware attack after phone call from hackers - HackRead

Hands on with Cortana's new file finder feature on Windows 10 - Bleeping Computer

How paper created a vulnerability for cyber criminals to steal 186,000 people's data - The Sydney Morning Herald

Kazakhstan government is intercepting HTTPS traffic in its capital - ZD Net

Phishing Attacks on Your Brand are Unrelenting, AI is the Only Way to Fight Back - Security Boulevard

Put yourself on the path to a technology career with this training bundle - Bleeping Computer

U.S Files Lawsuit Against Facebook For Discriminatory Recruitment Process Against U.S Workers - E Hacking News

05/12/2020

Acronis reports India to be third highest in terms of Malware attacks, after US and Japan - E Hacking News

Fans add reality to virtual driving - Hack a Day

First iPhone 13 Leaks Raise the Bar in the Camera Department - TechNadu

Lebanese security services warn of terror plot to destabilize country - Arab News

Phishing & Watering Hole Attacks Dominate the Cyber Threat Landscape in Singapore, Representing 84% of All Cyber Incidents in 2019 - CPO Magazine

Probe into data breach at Highland Perthshire resort after details of 2,400 members leaked online - The Courier UK

Ransomware gangs are now cold-calling victims if they restore from backups without paying - ZD Net

Ransomware gangs now even call victims to meet demands: Report - Social News

Ransomware hits helicopter maker Kopter - ZD Net

The “LockBit” Ransomware Gang Hit Helicopter Manufacturer ‘Kopter’ - TechNadu

Thousands of Pluto TV Users Confirm a Cybersecurity Incident on the Platform - TechNadu

Windows ransomware used to hit aircraft leasing asset manager - ITWire

04/12/2020

Adobe users targeted in dangerous new phishing campaign - Tech Radar Pro

Aerospace Giant Embraer Downed by Suspected Ransomware - InfoSecurity

Beware of fake police website tricking people into providing confidential information - Stomp (Singapore)

BlackShadow hackers extort Israeli insurance company for $1 million - Bleeping Computer

Brazil Govt’s Huge Leak: Health Data of 243M - Security Boulevard

Check Point warns of surge in phishing scams as hackers impersonate delivery vendors - Security Brief

Consumers would like to view internet connectivity as a trusted utility - Help Net Security

Cyber criminals target COVID-19 vaccine supply chains - IT Web

Cyber-warning for festive shoppers - BBC News

Defense Bill Would Restore White House Cybersecurity Post - Data Breach Today

Egregor Ransomware Strikes Metro Vancouver’s TransLink - The State of Security

High-Severity Chrome Bugs Allow Browser Hacks - ThreatPost

How Organizations Can Prevent Users from Using Breached Passwords - The Hacker News

How to avert an evil-maid attack - Kaspersky Daily

IBM detects calculated hack on COVID-19 vaccine supply chain - Intelligent CIO

IBM Uncovers Global Phishing Campaign Targeting the COVID-19 Vaccine Cold Chain - System TEK