NEWS: Janeiro (02/01 - 08/01) - 01 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

08/01

7 Highly Effective Ways To Prevent Those Unexpected Zero-Day Attacks - News AKMI

Be aware of this password stealing banking malware - The Digital Hacker

Cyber ​​scams: Australians lost $ 33 billion to online criminals - Bolly inside

FBI warns hackers are sending USBs infected with ransomware to businesses in the ‘transportation and defense industries’ - The Sun

FlexBooker says sorry for a data breach that exposed 3.7 million user details as well as partial credit card details - Best Gaming Pro

Flubot Android malware is back, popularized as fake flash players - RS News

Insider vs. Outsider Threats: Which Is Worse? - Make USe Of

Kuwait webs in grip of hackers - Arab Times

Online scam academies are offering classes on how to defraud people - Gent Side

Plugging the holes: How to avoid data breaches in 2022 - Apple Magazine

Ransomware attack shuts thousands of school websites globally - MenaFN

Trojanized dnSpy app drops malware cocktail on researchers, devs - Bleeping Computer

Warning from Martin Lewis over mistake when dealing with scam emails and texts - Wales Online

07/01

3.7M FlexBooker Records Dumped on Hacker Forum - ThreatPost

CES 2022 Puts Spotlight On How Governments, Businesses Can Prevent Cyberattacks - TechTimes

Cyber Security: How to protect yourself in 2022 - Financial Express

Cyber-Attack on New Mexico County - InfoSecurity Magazine

Cyberattackers Hit Data of 80K Fertility Patients - ThreatPost

EHR Vendor QRS Faces Lawsuit After Healthcare Cyberattack - Health IT Security

Facebook and WhatsApp users warned to change passwords after rise in phishing scams - Worksop Guardian

FBI: Hackers use BadUSB to target defense firms with ransomware - Bleeping Computer

FinalSite ransomware attack shuts down 5000 school sites - Education Technology

FlexBooker apologizes for breach of 3.7 million user records, partial credit card information - ZDNet

Grass Valley reveals extent of data breach - Yuba Net

Hotel Chain Converts Windows PCs To Chrome OS After Ransomware Attack - Ubergizmo

Lancashire residents given warning about Covid passport scam - LancsLive

Log4J-Related RCE Flaw in H2 Database Earns Critical Rating - ThreatPost

Majority of Americans say ransomware attacks should be considered terrorism - ITPro

Martin Lewis issues important scam warning to people across the UK - Redditch Advertiser

Medical Review Institute of America Notifies Patients of Data Breach - Business Wire

Nordic Choice Hotels Changes Windows to Chrome OS After Ransomware Attack - Tech Times

Norwegian Media Company Amedia Suffered a Serious Cyber Attack That Left Newspapers Unprinted - CPO Magazine

OG department store customers' personal details leaked in data breach - Asia One

Pupils receive each others' Covid results in school data breach - Computing

QNAP: Get NAS Devices Off the Internet Now - ThreatPost

QNAP warns of ransomware targeting Internet-exposed NAS devices - Bleeping Computer

Ransomware attack affected websites of 5,000 schools - CNN Politics

Recent Settlements and Penalties Show Perils of Data Breaches - JDSupra

Rhode Island Public Transit Authority (RIPTA) employees vote no confidence in management after massive data breach - 10 WJAR

Scheduling Platform FlexBooker Discloses Data Breach Affecting 3.7 Million Accounts - Gizmodo

Simple Active Directory tweak helps block BlackMatter ransomware attacks - ITPro

Supply chain cybersecurity: Pain or pleasure? - Help Net Security

Thousands of Schools Impacted After IT Provider Hit by Ransomware - InfoSecurity Magazine

US counterintelligence shares tips to block spyware attacks - Bleeping Computer

Zero Trust Is More Important Than Ever, Security Practitioners Earn - SDXCentral

06/01

8 AppSec Metrics You Should Be Monitoring - Security Boulevard

A Deeper Dive Into the Value of Centralized Logging - Security Boulevard

Alas! World’s biggest search engine was possessed with so many security issues - The Digital Hacker

Apple iOS bug makes your iPhones vulnerable to ransomware attacks - BGR In

Beware new breed of scammers offering classes in how to defraud people - Metro

Be aware of parking meter scams prevailing in Texas - The Digital Hacker

Building a Security Culture in Your Organization: How to Do It Successfully? - University Magazine

Bridging the “front and back of the house”: A lesson in risk management - Help Net Security

BYOD Finally Goes Mainstream - Security Boulevard

Credential Stuffers Compromised 1.1 Million Accounts - InfoSecurity Magazine

Crypto Firm Pulls the Rug from Under Investors with $10m Scam - InfoSecurity Magazine

Cyber attack on UK Defence Academy causes “significant” damage - IT Governance

Cyber ​​police prevents theft of over $720,000 from account of medical company - Interfax Ukraine

Cyberattack insurance: companies expect spike in interest following Impresa hack - Portugal Resident

Data security is a mainstay in the hospitality industry - TechHQ

Deposits to illicit crypto addresses nearly doubled in 2021, Chainalysis finds - CyberScoop

Experts uncover Elephant Beetle, an organized financial-theft operation - Help Net Security

FBI warns about ongoing Google Voice authentication scams - Bleeping Computer

Five tips on how to stay (cyber)secure in a hybrid work world - Help Net Security

France hits Facebook and Google with $210 million in fines - Bleeping Computer

France hits Google, Facebook with fines over ‘Cookies’ management - Security Affairs

Gardaí pursuing 'definite lines of inquiry' after a spate of phishing and smishing fraud - Irish Examiner

Google Buys Siemplify to Bolster Security Analytics Tools - Data Breach Today

Google Chrome rival Brave reports another big jump in users - ZDNet

Google Docs comment feature abused in phishing campaign - Security Affairs

Google Docs commenting feature exploited for spear-phishing - Bleeping Computer

Hackers exploit Google Docs in new phishing campaign - TechRepublic

How to Download, Install & Use CyberGhost VPN on Router? - TechNadu

Hundreds of real estate websites using cloud video hosting providers, victimized by online skimming attacks - The Digital Hacker

Indonesia: Health Ministry probes alleged leak of six million patients' data - Antara News

Insecure Amazon S3 bucket exposed personal data on 500,000 Ghanaian graduates - The Daily Swig

Kronos outage latest: Attackers took down connection to backups; Log4j not involved - The Stack

LastPass states that passwords weren’t compromised after fear of a security breach - The Digital Hacker

Log4j flaw hunt shows how complicated the software supply chain really is - ZDNet

Man Pleads Guilty to $50m Investment Fraud Scheme - InfoSecurity Magazine

Managing cyber security in the third wave: Governance, regulatory adherence key for the insurance sector - Express Computer

New Trick Could Let Malware Fake iPhone Shutdown to Spy on Users Secretly - The Hacker News

New York Attorney General flags 1.1 million online accounts compromised by credential stuffing attacks - The Daily Swig

NIST Cybersecurity Framework: A Quick Guide for SaaS Security Compliance - The Hacker News

NoReboot persistence technique fakes iPhone shutdown - Security Affairs

North Korean Hackers Greet Russian Diplomats with Malware - CISO Mag

North Korean Hackers Start New Year with Attacks on Russian Foreign Ministry - The Hacker News

Personal details of OG department store customers leaked in data breach - The Straits Times

Posts promoting Amazon cryptocurrency are a scam - RTL Today

Ransomware attacks will be more targeted in 2022: Trend Micro - IT World Canada

Report: $2.2 billion in cryptocurrency stolen from DeFi platforms in 2021 - ZDNet

Rhode Island Public Transit Authority (RIPTA) data breach raises questions about who else has access to data - The Provider Journal

Samoa Met Service website may have suffered cyber attack - RNZ

SEGA’s Saga of Nearly Compromised Credentials - Security Boulevard

Skimmer fisgou milionários em imobiliária de luxo - CISO Advisor

SOCs: Marrying the business and security - ITWeb

Swiss army bans all chat apps but locally-developed Threema - Bleeping Computer

The Log4j debacle showed again that public disclosure of 0-days only helps attackers - Help Net Security

There Are Over 1,200 Online Phishing Toolkits According to This Study - Digital Information World

This sneaky hacking group targets old Java applications to break into networks - ZDNet

UK Police Seize £322m of Cryptocurrency in Past Five Years - InfoSecurity Magazine

Union bank of India launches cyber security awareness kit and automatic VAPT lab - Express Computer

US online pharmacy Ravkoo links data breach to AWS portal incident - Bleeping Computer

VMware fixed CVE-2021-22045 heap-overflow in Workstation, Fusion and ESXi - Security Affairs

Your cybersecurity training needs improvement because hacking attacks are only getting worse - ZDNet

Where Are You in Your Zero Trust Journey? - Data Breach Today

05/01

5 ways hackers steal passwords (and how to stop them) - We Live Security by eSet

9-year-old Windows flaw abused to drop ZLoader malware in 111 countries - HackRead

Abu Dhabi forms Cyber Eye to protect its digital assets against cyber threats - ITP Net

API security: Understanding the next top attack vector - Help Net Security

Biggest Hacks and Leaks in the Crypto Industry - Captain Coin

BTC-Alpha Is Back On Coinmarketcap After a Ransomware Attack - PRLeap

Cloud video platform abused in web skimmer attack against real estate sites - HackRead

Cybersecurity Trends for 2022 - InfoSecurity Magazine

Despite Mitigation Efforts, Cyber Attacks and Rate Hikes to Continue in 2022 - Insurance Journal

Don’t fall for phishing scams, follow these tips - Tech Native

East Bay Dasher loses earnings, gets kicked off DoorDash after hackers take over his account - 7News

‘Elephant Beetle’ spends months in victim networks to divert transactions - Bleeping Computer

Fighting fraud in the supply chain with blockchain - Information Age

Going Back to Basics to Fix Our Broken Approach to Cybersecurity - Computer Crime Research

How ransomware is destabilising cyber insurance – and what to do about it - Intelligent CIO

How to make strong passwords and protect them: A simple guide - Cool Mom Tech

Indians among 2,170 hacked via Microsoft signature verification - Ummid

Info-Stealing Malware Hits 100+ Countries - InfoSecurity Magazine

Internet restored after cyber attack against Rowan-Salisbury Schools - Salisbury Post

iOS malware can fake iPhone shut downs to snoop on camera, microphone - Bleeping Computer

Jio warns users of a cyber fraud through which hackers get access to Aadhaar, bank details - Medianama

Malsmoke hackers abuse Microsoft signature verification in ZLoader cyberattacks - ZDNet

Microsoft code-sign check bypassed to drop Zloader malware - Bleeping Computer

Millions of mixtape fans could be at risk of being hacked - TechRadar Pro

Morgan Stanley agrees to $60 million settlement in data breach lawsuit - ZDnet

New York Attorney General alerts 17 companies to 'credential stuffing' cyberattacks impacting more than 1.1 million consumers - Niagra Frontier Publications

New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification - The Hacker News

Purple Fox rootkit discovered in malicious Telegram installers - ZDNet

Researchers Uncover Hacker Group Behind Organized Financial-Theft Operation - The Hacker News

SMBs should consider new approaches for increasing their cybersecurity posture - Help Net Security

Sophos discovers AvosLocker, a new ransomware that uses AnyDesk in Safe Mode to launch attacks - New Straits Times

The sophistication of underground eCrime laid bare - TechRadar Pro

Urgent Instagram warning for BILLIONS of users that could see accounts locked - The Sun

U.S. ransomware attack spells pay woes for London hospital cleaners - The London Free Press

What to Do in the Aftermath of a Data Breach - PC Magazine

Why Business Leaders Need to Keep a Close Eye on GDPR and UK Data Protection Laws - Tech Native

04/01

5 Actionable Tips to Stay Protected from Frauds and Scammers on the Internet by Emir Ceric - Net News Ledger

6 Common Security Vulnerabilities in enterprise databases that should be on your radar - TechGenyz

Attackers abused cloud video platform to inject an e-skimmer into 100 Real Estate sites - Security Affairs

Avoid being held captive by ransomware with secure, reliable backups - GCN

Billing Error Causes PHI Breach at Illinois Health System - Health IT Security

Broward Health suffered a data breach that impacted +1.3 million people - Security Affairs

Care New England has to manually pay workers after cyber attack - ABC6

Clinic Notifies 212,500 About 2020 Breach Involving Fraud - GovInfo Security

Credential Stuffing and Account Takeover Attacks Continue to Rise - PerimeterX

Cyber attack ‘caused a mess’ with Crawford County computer systems - TB&P

Cyberattack against UK Ministry of Defence training academy revealed - ZDNet

Cybercrimes Can Only Be Reduced With A Better Investigation System In Place - YKA

Cybercriminals Can Breach 93% Of Company Networks and Trigger Unacceptable Events in Under a Month, Study Finds - CPO Magazine

Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites - ThreatPost

Defence Academy suffered ‘significant’ cyber attack - UK Authority

Feds Step Up Cybersecurity Support for State Governments - NextGov

Florida's Broward Health Hit by Data Breach of 1.3M Patients' Records - PYMNTS

FTC to pursue companies that expose customer data due to not patching Log4j - ZDNet

Going Back to Basics to Fix Our Broken Approach to Cybersecurity - CPO Magazine

Hackers breached Florida health care system, potentially exposing data on 1.3 million people - KeyT (FOX News Channel)

Hackers hit Broward Health network, potentially exposing data on 1.3M patients, staff - Fierce Healthcare

Hackers target Portugal’s Impresa group, taking major sites down - Portugal Resident

Hackers use video player to steal credit cards from over 100 sites - Bleeping Computer

Have I Been Pwned warns of DatPiff data breach impacting millions - Bleeping Computer

Healthcare cloud infrastructure market size to reach $142 billion by 2028 - Help Net Security

Hospitality Chain McMenamins discloses data breach after ransomware attack - Security Affairs

Human error can result in Mac security breaches - Apple Magazine

Illinois Insurer Insolvency Office Hit by $6.8 Million Cyber Attack - Insurance Journal

Keeping your guard up: Python-based ransomware attacks - IT Pro Portal

LastPass issues statement on credential attack - SC Media

Log4j flaw attack levels remain high, Microsoft warns - ZDNet

Malicious Telegram installers are distributing malware - TechRadar Pro

McMenamins Data Breach Affects 12 Years of Employee Info - ThreatPost

Microsoft Fixes New Year's Day Exchange Server Bug - InfoSecurity Magazine

Mobile Application Security: 2021's Breaches - Dark Reading

Money Launderers Get 33 Years for £70m Criminal Scheme - InfoSecurity Magazine

Montreal tourism agency confirms cyber attack - IT World Canada

Morgan Stanley agrees $60 million settlement in data breach lawsuit - ITPro

NFT hack sees collector lose $2.2 million of ‘Bored Ape’ pictures - Independent

North Wales Police Cyber Crime Team warning about fake Currys email - Deeside

Over 20 years of employee data leaked during McMenamins ransomware attack - ZDNet

Patient Info Exposed After Data Breach at South Florida Hospital System - Insurance Journal

Preventing document fraud in a world built on digital trust - Help Net Security

Protecting the Most Crucial Software Supply Chain Targets - InfoSecurity Magazine

Purple Fox backdoor spreads through fake Telegram App installer - Security Affairs

Ransomware – The data recovery challenge - CRN India

Ransomware Attacks Spur Biden Administration to Take Aggressive Approach to Cybersecurity - Executive Gov

Researchers Detail New HomeKit 'doorLock' Bug Affecting Apple iOS - The Hacker News

‘Ruthless’ Vice Society claims responsibility for Spar ransomware attack - Tech Monitor

SAILFISH System to Find State-Inconsistency Bugs in Smart Contracts - The Hacker News

SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More - ThreatPOst

Serious Vulnerability Allows Phishing Emails to Be Sent From Uber.com Domain - Latest Hacking News

Should businesses be concerned about APT-style attacks? - Help Net Security

The Biggest CyberSecurity Threats to be Aware of in 2022! - The TechNews

The Year of the Defender – 2022 Predictions for OT/IoT Security - Nozomi Networks

UK Defence Academy Attack Forced IT Rebuild – Report - InfoSecurity Magazine

UK's Defence Academy suffered damaging cyber attack last year - Computing UK

Urgent warning to check Gmail and Hotmail for ANY email from Uber right now - The Sun

UScellular discloses data breach after billing system hack - Bleeping Computer

Ways to protect your online privacy, payments, and data - Wire 19

What Is Social Engineering? Human Hacking in 2022 - Cloudwards

03/01

6 Ways to Delete Yourself From the Internet - Wired

A CISO’s guide to discussing cybersecurity with the board - Help Net Security

According to a survey, 60% of information security specialists in the United States feel ransomware is as dangerous as terrorism - Best Gaming Pro

Accounting Firm Faces Lawsuit Over Healthcare Data Breach - Health IT Security

Apple iOS vulnerable to HomeKit 'doorLock' denial of service bug - Bleeping Computer

Are Medical Devices at Risk of Ransomware Attacks? - The Hacker News

Beware of Fake Telegram Messenger App Hacking PCs with Purple Fox Malware - The Hacker News

Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022 - We Live Security by eSet

Broward Health discloses data breach affecting 1.3 million people - Bleeping Computer

Data breach: Broward Health warns 1.3 million patients, staff of 'medical identity theft' - ZDNet

Detecting Evasive Malware on IoT Devices Using Electromagnetic Emanations - The Hacker News

Don't copy-paste commands from webpages — you can get hacked - Bleeping Computer

Here's what to do if data belonging to a deceased loved one was stolen in the N.L. cyberattack - CBC

How Access Monitoring Protects Providers From Health Data Breaches - Health IT Security

How to Solve Your Organization’s Password Woes - InfoSecurity Magazine

How to use WHOIS to analyse scams - Pickr

Japan: Ministry to issue guidelines against ransomware attacks on hospitals - The Japan News

Jerusalem Post and Maariv hacked on Gen. Soleimani’s death anniversary - HackRead

Microsoft rolled out emergency fix for Y2k22 bug in Exchange servers - Security Affairs

Portugal's Impresa media outlets hit by hackers - Thomson Reuters

Ransomware attacks decrease, operators started rebranding - Help Net Security

Ransomware attacks reportedly hit two out of every three Spanish companies in 2021 - Euro Weekly News

The worst cyber attacks of 2021 - Security Affairs

These will be the worst cybersecurity threats in 2022 - Paris Beacon News

This New Year, why not resolve to ditch your dodgy old passwords? - Davids Course

Uber lets you send anyone an email claiming to be from Uber.com - TechRadar Pro

Why the UK’s energy sector is fragile and ripe to cyber attacks - Help Net Security

02/01

Cybercriminals adopting different strategies during pandemic, warn cyber experts - The Hindustan Times

Exclusive: NASA Director Twitter account hacked by Powerful Greek Army - Security Affairs

Hackers accidentally hacked the police, and then they themselves gave the decryption key - The Times Hub

How to Protect Your Devices From Getting Hacked - Albawaba

Malicious Domains are a serious cyber security threat for businesses - Digital Information World

Microsoft Issues Fix for Exchange Y2K22 Bug That Crippled Email Delivery Service - The Hacker News

Uber ignores vulnerability that lets you send any email from Uber.com - Bleeping Computer

NEWS: Dezembro (26/12 - 01/01/2022) - 52 Semana de 2021