NEWS: Dezembro (05/12 - 11/12) - 49 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!

11/12

5 Ways To Protect Yourself From Online Hackers In 2022 - TechShout

BEWARE: If You Have These Battery Charging and Keyboard Apps, Delete Them ASAP - TechTimes

Brazil health ministry website hit by hackers, vaccination data targeted - Reuters

Brazil suffers cyberattack on health systems, vaccination data still not recovered - Neowin

Canadian Citizen Charged for Ransomware Attacks in Alaska - HackRead

Careful how you scan: QR codes represent the new attack dimension - Digital Journal

Cox Customer Support Scam Leads to Data Breach - Pirate Press

Don’t Let the Grinch that Scammed the Holidays Make You a Victim - Net News Ledger

Easy prey: How Russian criminals laid the bait that would ultimately bring the Irish health service to its knees - Independent

FNB warns of new scams targeting customers - Business Tech

FTC: Americans lost $148 million to gift card scams this year - Bleeping Computer

Gmail, Hotmail Users Beware: 'Free PCR Omicron Test' Email Scam Could Steal Your Bank Account Details | How to Avoid Falling into this Trap - TechTimes

Google Suddenly Makes Windows Safer For 1 Million Users - Forbes

Hacked BDO accounts are used to buy Bitcoin via UnionBank - Manila Bulletin

Hacker Poses As Support Rep To Breach Cox Communications - Forbes

Hackers actively exploiting 0-day in Ubiquitous Apache Log4j tool - HackRead

Hackers are exploiting users with MS Outlook: report - The Hindu

Hackers steal research data from Sweden’s Volvo Cars - The Local

Handi-Van Servers Hit By A Cyberattack, Forcing Passengers To Rebook Rides - Patch

Hellmann Company Reports Massive Cyberattack - Pirate Press

HSE hack: Cancer patients could not be treated, and x-ray systems went offline - Irish Examiner

Identity theft and fraud - how it happens and how to prevent it - Estate Agent Today

Log4j: 'Vaccine' Released for Exploited Apache Zero Day - Gov Info Security

Log4Shell - a new hair-on-fire Internet exploit has IT professionals scrambling - Daily Kos

Massive Attack Targets 1.6 Million WordPress Sites - Bank Info Security

National Board Of Examinations (NBE) Warns Of Spoofed Emails, SMS, Social Media Content - Medical Dialogues

Ransomware Group Claims Volvo Attack, Screenshots of the Stolen Files Released - Auto Evolution

Serious bug puts Apple iCloud, Twitter, Minecraft at hacking threat - Business Standard

The new PPI? Claims firms turn their fire on data breaches - The Guardian

What cybersecurity can learn from health and wellness - Beta News

What Is IP Spoofing and What Is It Used For? - Make Use Of

10/12

30% of online users suffered security breaches due to weak passwords - Help Net Security

Aplicativo do ConecteSUS deixa de apresentar vacinas; site está fora do ar - G1

Atlanta shined light on an attack that happened back to July - The Digital Hacker

BlackCat ransomware, a very sophisticated malware written in Rust - Security Affairs

Bravo for the newly emerged ransomware group on it’s performance - The Digital Hacker

ConecteSUS e página do Ministério da Saúde são alvo de hackers - Metroploes

December 2021 Patch Tuesday forecast: How do you stack up? - Help Net Security

How will emerging technologies impact the data storage landscape? - Help Net Security

Massive attack against 1.6 million WordPress sites underway - Bleeping Computer

Microsoft vulnerabilities have grave implications for organizations of all sizes - Help Net Security

Pakistani group starting a cyber war against India and Afghanistan - The Digital Hacker

Seller-related fraud threatens long-term customer retention - Help Net Security

Singapore-UK digital economy act to focus on cybersecurity, trade - ZDNet

Site do Ministério da Saúde é alvo de hackers - Terra

Sites do Ministério da Saúde e Conect Sus saem do ar após ataque de hackers - G1

This ransomware will successfully infiltrate your device and extort you - The Digital Hacker

Tor network severely hit by a ransomware group - The Digital Hacker

09/12

A new phishing campaign on Twitter is attacking verified accounts - The Digital Hacker

Analysts Claim That Arresting Canadian Ransomware Attacker is a Major Step - The Digital Hacker

Beware of ransomware attacks between Christmas and New Year’s! - Help Net Security

Burned out workers are less likely to follow security guidelines - Help Net Security

Cox discloses data breach after hacker impersonates support agent - Bleeping Computer

Crooks injects e-skimmers in random WordPress plugins of e-stores - Security Affairs

Dark Mirai botnet spreads targeting RCE on TP-Link routers - Security Affairs

DARPA Announces SMOKE Program - InfoSecurity Magazine

Extracting value from the interconnected network of risk management - Help Net Security

Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts - Bleeping Computer

Get patching: SonicWall warns of vulnerabilities in SMA 100 series remote access devices - ZDNet

How can organizations ease audit overload? - Help Net Security

Hundreds of thousands of MikroTik devices still vulnerable to botnets - Bleeping Computer

It’s time to patch your SonicWall SMA 100 series appliances again! - Help Net Security

Microsoft, Google OAuth flaws can be abused in phishing attacks - Bleeping Computer

Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products - Security Affairs

More than 300,000 MikroTik devices have been identified to be susceptible to remote hacking vulnerabilities - The Digital Hacker

Most Phishing Pages are Short-lived - InfoSecurity Magazine

NVD: It’s Another Record Year for Vulnerabilities - InfoSecurity Magazine

Over 300,000 MikroTik Devices Found Vulnerable to Remote Hacking Bugs - The Hacker News

QNAP NAS devices targeted by new bitcoin miner - Help Net Security

Queensland government energy generator says ransomware attack not state-based - ZDNet

SanDisk SecureAccess bug allows brute forcing vault passwords - Bleeping Computer

Social media platforms being regulated as telcos under discussion in Australia - ZDNet

Sophisticated identity document fraud increased 57% over previous year - Help Net Security

Tens of malicious NPM packages caught hijacking Discord servers - Security Affairs

Top practices to improve enterprise security - Help Net Security

What cybersecurity trends do company executives expect to see next year? - Help Net Security

Why Holidays Put Your Company at Risk of Cyber Attack (And How to Take Precautions) - The Hacker News

Windows 'InstallerFileTakeOver' zero-day bug gets free micropatch - Bleeping Computer

08/12

2021 will be a record-breaking year for data breaches, what about 2022? - Help Net Security

140,000 Reasons Why Emotet is Piggybacking on TrickBot in its Return from the Dead - The Hacker News

“DevOps Engineers are Constantly Being Hunted by Cybercriminals” - CISO Mag

Emotet directly drops Cobalt Strike beacons without intermediate Trojans - Security Affairs

Finding the key for balancing remote workforce security with productivity - Help Net Security

French Transport Giant Exposes 57,000 Employees and Source Code - InfoSecurity Magazine

From DDoS to bots and everything in between: Preparing for the new and improved attacker toolbox - Help Net Security

Google Files Lawsuit Against Blockchain Botnet Operators - InfoSecurity Magazine

Google Takes Legal Action Against Glupteba Botnet - CISO Mag

Guide to Achieving 24x7 Threat Monitoring and Response for Lean IT Security Teams (eBook) - The Hacker News

Healthcare cybersecurity market size to reach $35.5 billion by 2027 - Help Net Security

Hotel Guests Locked Out of Rooms After Ransomware Attack - InfoSecurity Magazine

How FinServ Firms can Prevent Business Email Compromise - Security Boulevard

It’s Not a User Problem; It’s a Cybersecurity People Problem - Security Boulevard

Listen to recorded Twitter Spaces on iOS, android or the web - The Digital Hacker

Moobot botnet spreading via Hikvision camera vulnerability - Bleeping Computer

Skewed analytics caused by bots damage businesses as much as ad fraud - Help Net Security

The current state of zero trust: Awareness is high, adoption is lagging - Help Net Security

There is a possibility that Verizon is Collecting Your Data, Here is how this can be stopped - The Digital Hacker

XMGoat: Open-source pentesting tool for Azure - Help Net Security

Why Public-Private Partnership is Key to Cybersecurity - Security Boulevard

07/12

27 flaws in USB-over-network SDK affect millions of cloud users - Bleeping Computer

A new WIRTE threat group is targeting Middle Eastern scholars - The Digital Hacker

Adapting higher education to address the cybersecurity skills shortage - Help Net Security

Apple Warns of Further Compromises by Israel’s NSO Group - Security Boulevard

Aruba rolls out "Microbranch" networking to level up home offices - ZDNet

Attackers exploit another zero-day in ManageEngine software (CVE-2021-44515) - Help Net Security

Bosses are reluctant to spend money on cybersecurity. Then they get hacked - ZDNet

Businesses fear rise of third-party attacks, as ransomware impact grows - ZDNet

Cambridge Quantum Launches Cryptographic Key Service - Security Boulevard

Charitable Giving Sector a Major Cyberattack Target - Security Boulevard

Cloud Protection Over Bifurcated Network Security - Security Boulevard

Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides - The Hacker News

Emotet is spreading again thanks to bogus app installers - The Digital Hacker

EU key management in 2022 - Help Net Security

Google disrupts massive Glupteba botnet, sues Russian operators - Bleeping Computer

How Cybercriminals Use Phishing Kits - CISO Mag

How to protect air-gapped networks from malicious frameworks - Help Net Security

Just 3% of UK Firms Escaped a Supply Chain Breach in 2021 - InfoSecurity Magazine

Microsoft seized 42 domains used by the China-linked APT15 cyber espionage group - Security Affairs

Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers - The Hacker News

Myanmar atrocities have led to a $150 billion lawsuit by Rohingya refugees against Facebook - The Digital Hacker

Nobelium continues to target organizations worldwide with custom malware - Security Affairs

Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet - Bleeping Computer

On two occasions, it’s been claimed that Google Pixel mail-in repairs resulted in leaked images and a privacy nightmare - The Digital Hacker

Ransomware Victims Pay $700K in Extra Extortion Fees - InfoSecurity Magazine

RTF Template Injection Technique Gains Popularity among APT groups - The Digital Hacker

Rust takes a major step forward as Linux's second official language - ZDNet

Secure transactions top retailers’ wish lists this holiday season - Help Net Security

SolarWinds Hackers Targeting Government and Business Entities Worldwide - The Hacker News

STOP Ransomware vaccine released to block encryption - Bleeping Computer

The threats of modern application architecture are closer than they appear - Help Net Security

Twitter bots monitor every tweet to push cryptocurrency scams - Bleeping Computer

UK’s Poor Cyber Risk Planning Could “Wreak Havoc” - InfoSecurity Magazine

With the latest firmware update, Google Pixel Buds A-Series will now have more options - The Digital Hacker

06/12

14 New Cross-Site Leaks Attacks Have Been Identified - The Digital Hackers

14 New XS-Leaks (Cross-Site Leaks) Attacks Affect All Modern Web Browsers - The Hacker News

$120 million was looted from the DeFi protocol by hackers - The Digital Hackers

330 SPAR stores close or switch to cash-only payments after a cyberattack - Security Affairs

2022 and the threat landscape: The top 5 future cybersecurity challenges - Help Net Security

A cyber attack has forced supermarket Spar to close some stores - ZDNet

ASIC says financial market cyber resiliency remained steady but fell short of target - ZDNet

Brace yourself for these five top data breach trends in 2022, Experian warns - ZDNet

Crypto Exchange BitMart Hacked, Loss Estimated at $196 Million - TechNadu

Cuba Ransomware Nets Nearly $50m - InfoSecurity Magazine

Cyber Insurance for Health Care Organizations - CISO Mag

Cyberattack freezes Maryland health department - Data Breaches Net

Cybercrime supply chain: Fueling the rise in ransomware - Help Net Security

Delta-Montrose Electric Association (DMEA) Colorado electric utility hit by a disruptive cyberattack - Security Affairs

Facebook no Brasil é condenado a indenizar internauta que teve conta hackeada - G1

Firefox confirmed WordPress gravatar data breach in mails - The Digital Hackers

Florida teen and her mother accused of hacking homecoming queen election refuse plea deal, claiming they have been framed - Data Breaches Net

France warns of Nobelium cyberspies attacking French orgs - Bleeping Computer

Fraudulent e-commerce transactions spiked between Thanksgiving and Cyber Monday - Help Net Security

Hackers are sending receipts with anti-work messages to businesses’ printers - Security Affairs

Hackers are using this new malware which hides between blocks of junk code - ZDNet

Hackers pretending to be Iranian govt use SMS messages to steal credit card info, create botnet - ZDNet

Hackers Steal $200 Million Worth of Cryptocurrency Tokens from BitMart Exchange - The Hacker News

Hackers Steal Cryptocurrency Worth $150 Mn From BitMart Exchange - CISO Mag

How proactive are companies when managing data? - Help Net Security

Hundreds of SPAR stores shut down, switch to cash after cyberattack - Bleeping Computer

Increasing Network Visibility: The Key to Security - Security Boulevard

Kafdrop flaw allows data from Kafka clusters to be exposed Internet-wide - Help Net Security

Lewis & Clark Community College to resume classes Tuesday amid ransomware attack - Data Breaches Net

Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers - Security Affairs

Making robotics security a top priority - Help Net Security

Malicious KMSPico Windows Activator Stealing Users' Cryptocurrency Wallets - The Hacker News

Nine State Department Phones Hijacked by Spyware - InfoSecurity Magazine

Pakistani APT Group ‘SideCopy’ Targets Officials in India and Afghanistan - CISO Mag

Romance Fraudster Targeted 670 Women Online - InfoSecurity Magazine

Russian hacking group uses new stealthy Ceeloader malware - Bleeping Computer

Security experts question new DHS/TSA cybersecurity rules for rail companies - ZDNet

The US military’s cyber branch has admitted that it has used aggressive tactics to disrupt ransomware activities - The Digital Hackers

The Verizon App Collects User Browsing and Calls History, Location, and More - TechNadu

Threat actors stole more than $150 million worth of cryptocurrency tokens from BitMart platform - Security Affairs

Vulnerability Scanning Frequency Best Practices - The Hacker News

Your CEO Isn’t Real: How to Deal With Deep Fakes - Security Boulevard

WhatsApp adds default disappearing messages for new chats - Bleeping Computer

05/12

2.1 million people’s data affected during a data breach - The Digital Hacker

ASIC says financial market cyber resiliency remained steady but fell short of target - ZDNet

BitMart Exchange has confirmed that the security breach involves one of its ETH hot wallets and one of BSC hot wallets - HackRead

Convincing Microsoft phishing uses fake Office 365 spam alerts - Bleeping Computer

Cyber Vulnerabilities and Safety Risks Across the UK's Digital Railway - InfoSecurity Magazine

Cybersecurity predictions: Identity protection to be a priority in 2022 - Zawya

Did the cybersecurity stakes get even higher in 2021? - The Star

Education sector among most vulnerable - The Star

Garena Free Fire: Stop being defrauded; Know how to prevent a phishing attack; check list - Hindu Stan Time

Hackers are spamming businesses' receipt printers with 'antiwork' Reddit manifestos that include messages like 'are you being underpaid?' - Daily Mail

If you’re mailed a random CD, don’t put it in your computer. Here’s why - The Star

Laying the land for a cyber-safe future - Arabian Business

Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers - Security Affairs

Malicious Excel XLL add-ins push RedLine password-stealing malware - Bleeping Computer

New Twitter phishing campaign targets verified accounts - Bleeping Computer

No surprise: NSW iVote fails during local council elections - ZDNet

Putting a stop to cybercrime - The Star

Ransomware attacks on the rise in Switzerland - Swissinfo

Ransomware group hits 49 critical infrastructure firms in US - The Siasat Daily

The National Police warns that cybercriminals are intensifying their campaigns against CaixaBank users to steal their data - CVBJ Biz

Threat to online learning - The Star

Top Ways To Ensure Online Security And Device Safety - Asume Tech

U.S. State Department phones hacked with Israeli company spyware – sources - Data Breaches Net

Why responsibility for ransomware sits at the top - ITWire

NEWS: Novembro / Dezembro (28/11 - 04/12) - 48 Semana de 2021