NEWS: Janeiro (09/01 - 15/01) - 02 Semana de 2022Cyber Security and Information Security News - Daily Updates !!15/019 Times Hackers Targeted Cyberattacks on Industrial Facilities Aditya Birla Fashion (ABFRL) Data Allegedly Leaked Online, Over 5 Million Email Addresses Breached Brunei Postal Dept warns of phishing scams via WhatsApp City of Tenino loses $280,309 to phishing email scam, state Auditor’s Office says Considering a Move to Zero Trust Security? Keep these Identity Security Practices and Resources in Mind Don’t download this COVID app! It’s spreading malware Five cybersecurity myths that are compromising your data ‘Golden era’ for cyber attacks as criminals take advantage of pandemic Hackers disrupt payroll for thousands of employers — including hospitals Hackers Use Legitimate Adobe Emails to Harvest Credentials Largest dark web market for stolen cards UniCC calls it quits Linux malware sees 35% growth during 2021 macOS, Windows, Linux all targeted by new cross-platform exploit NYC schools crippled by week-long data service systems outage North Korean Hackers Carefully Stole $400 Million in Crypto Last Year Qlocker ransomware returns to target QNAP NAS devices worldwide Russia charges 8 suspected REvil ransomware gang members SRT email service outage continues The huge sums of money that explain why there are so many SMS and email phishing scams in Spain U.S., France discuss measures to support Ukraine after cyberattack on govt websites – U.S. Department of State 14/013rd-party flaws allowed a teen hacker to track location of Tesla cars 2022 Cybersecurity Guide: The Security Gift For Your Loved Ones A 'massive' hacking attack has hit government websites in Ukraine Accellion to pay $8.1M in proposed data breach settlement AWS Patches Glue Bug That Put Customer Data at Risk Auto parts maker Denso targeted in ransomware cyberattack Buckeye Broadband email accounts down due to ransomware attack Clinic Breach Affecting 200,000 Tied to Vendor's 2020 Attack Computer hackers apparently target City of North Port Dark web carding platform UniCC shuts up shop after making millions Data breach: Sheffield Council reprimanded after 8.6 million vehicle number plates were shared on the internet Defense contractor Hensoldt confirms Lorenz ransomware attack EHR vendor QRS sued over breach to patient portal server Email Service Mail2World Reported Down Flaw Found in Biometric ID Devices Four Ways Retailers Can Prevent and Protect Customers from a Cyber Security Attack Goodwill discloses data breach on its ShopGoodwill platform Hacker group REvil arrested, dismantled at US request: Russian intelligence agency Hacking Is the New Car Jacking: How To Secure Vehicle Data How to protect yourself against Sim-swapping scams with mobile phone fraud on the rise Husband and wife among ransomware operators arrested in Ukraine In Government, Access Control Means Cybersecurity Insider Threats are a Quiet Risk in your System Lasting Effects of Kronos Cyberattack Ripple Through Healthcare Magniber Ransomware is becoming a nightmare for Edge users Maryland lawmaker: Officials misled on ransomware attack ‘Massive’ Cyberattack on Ukraine Cripples Gov’t Websites Mitigating Insider Security Threats with Zero Trust NatWest ‘new device registered’ scam texts: what to look out for North Korea hackers stole US$400mln of crypto last year, report North Korean Hackers Stole $400m in Cryptocurrency Last Year OCBC Singapore scam victims, many who lost life savings, slam bank for underwhelming response Oscar Health Plan of California Notice of Data Breach Questions linger after MDH ransomware attack Ransomware attack at Durham Johnston School Ransomware sets its sights on IOT/OT Researchers develop CAPTCHA solver to aid dark web research Russia arrests REvil ransomware gang members at request of US officials Russian authorities take down REvil ransomware gang SSU Assures Of No Personal Data Breach Due To Cyberattack On Public Authorities SnatchCrypto campaign plants backdoors in crypto startups, DeFi, blockchain networks State police warn of new 'phishing' scam that involves parking meters Tech Giants to Team-Up on Open Source Security After White House Meet The future of security protocols for remote work The race towards renewable energy is creating new cybersecurity risks Three Plugins with Same Bug Put 84K WordPress Sites at Risk Transport for NSW finds more customers, employees impacted by Accellion breach Ukrainian Cops Bust Suspected $1m Cybercrime Ring Watch out, that Microsoft Edge update is actually ransomware What is ransomware and how does it work? White House confirms person behind Colonial Pipeline ransomware attack nabbed during Russian REvil raid Why Third Parties are the Source of So Many Hacks 13/01Adobe Cloud Abused to Steal Office 365, Gmail Credentials All 2BILLION WhatsApp users warned of simple mistake that can get your account hacked AWS fixes security flaws that exposed AWS customer data BlueNoroff hackers steal crypto using fake MetaMask extension Carding site UniCC retires after generating $358 million in sales Consumer IAM market to reach $17.6 billion by 2026 Cops warn of increasing number of bank scams as fraudsters target residents in Spain’s Palma Councillors refuse public release of IT audit of Hackney Psya ransomware attack Cybersecurity Trends for 2022 DDoS Attacks Broke All Records in 2021 Delivering vulnerable signed kernel drivers remains popular among attackers Fake Telegram App Distributes Purple Fox Malware FBI Issues Warning on FIN7 USB Stick Exploit FCC Proposes Stricter Data Breach Reporting Requirements Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry GootLoader Hackers Targeting Employees of Law and Accounting Firms Hot wallet hack: Hackers steal $18.7m from Animoca’s Lympo NTF platform Hotel chain switches to Chrome OS after Windows ransomware attack How threat intelligence can help the financial industry prepare for cyber threats How to ensure a Zero-Trust approach for remote workers IBM predicting what 2022 holds for cybersecurity Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor Lazarus, Cobalt, and FIN7 have all been identified as major hacker organisations targeting the financial sector Maryland Department of Health Systems Down 1 Month After Ransomware Attack Massachusetts State Police warn of parking scam that uses QR codes to steal bank account, credit card information Microsoft Defender weakness lets hackers bypass malware detection Most Users Are Unaware That Their Passwords Are Compromised, New Study Shows New GootLoader Campaign Targets Accounting, Law Firms New "Undetected" Backdoor Runs Across Three OS Platforms New Zealand: 5 cyber threats to look out for this year NSO spyware found targeting journalists and NGOs in El Salvador Norton's cynical crypto ploy: A dark harbinger of crapware to come? OCBC phishing scam underscores trade-off between convenience and security, with bank customers at risk: Experts Putting Skin in the Cyber Insurance Game Ransomware attack impacts Buckeye Broadband email service vendor Ransomware attack on New Mexico jail put prisoners in lockdown Ransomware attack on vendor shuts down Buckeye email services Ransomware locks down prison, knocks systems offline Report Identifies Weaknesses in Online Banking Security Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys Singapore: 1,200 phishing scams since December; some culprits impersonate officials and use stolen data to set up e-wallet The Human Resources Impact Of The Kronos Ransomware Attack The public sector is more concerned about external than internal threats The rising threat of cyber criminals targeting cloud infrastructure in 2022 The Rhode Island Public Transit Authority (RIPTA) Data Breach May Provide Valuable Lessons About Data Collection and Retention UK jails man for spying on kids, adults with Remote Access Trojans Ukrainian cops nab husband and wife suspected to be part of $1m ransomware operation US Cyber Command links MuddyWater to Iranian intelligence US: MuddyWater is Iranian State-Backed Group What is ‘sextortion’ and why are cases on the rise? What makes edge computing successful? When it comes to banking security, there’s no silver bullet When open-source developers go bad Why You Need Pentesting-as-a-Service (PtaaS) 12/012022 promises to be a challenging year for cybersecurity professionals A new multi-platform backdoor is leveraged by an advanced threat actor Adobe fixes 4 critical Reader bugs that were demonstrated at Tianfu CupAttackers More Successful at Delivering Malware Payloads Audit Your Active Directory with a free, read-only scan from Specops Check your SPF records: Wide IP ranges undo email security and make for tasty phishes CISA Adds 15 New Flaws to its Actively Exploited Vulnerabilities Catalog Cisco Talos discovers a new malware campaign using the public cloud to hide its tracks EA: 50 high-profile FIFA 22 accounts taken over by phishing actors European Union to Launch Supply Chain Attack Simulation Europol Ordered to Delete Vast Trove of Personal Information FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure Firefox 96 update focuses on noise improvements, main thread efficiency Hackers take over diplomat's email, target Russian deputy minister Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware How safe are cloud applications? How to Make API Security an Integral Part of Your Application Security Strategy Interview: Open Banking Opens Customer Data to Third Parties Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor Log4j: How hackers are using the flaw to deliver this new 'modular' backdoor Magniber ransomware using signed APPX files to infect systems Maryland Department Of Health Confirms Ransomware Attack Caused Disruption In COVID-19 Data Last Month Microsoft Starts 2022 with 97 CVEs in January Patch Tuesday New RedLine malware version distributed as fake Omicron stat counter New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users New Windows KB5009543, KB5009566 updates break L2TP VPN connections OceanLotus hackers turn to web archive files to deploy backdoors Oxeye Tool Can Counter Log4j Obfuscation Attacks Remote Access Trojans spread through Microsoft Azure, AWS cloud service abuse Researchers Uncover NetUSB RCE Flaw Affecting Millions of Routers SMEs still an easy target for cybercriminals South African justice department clueless about hacked data TellYouThePass ransomware returns as a cross-platform Golang threat This new malware wants to create backdoors and targets Windows, Linux and macOS Two Years for Man Who Used RATs to Spy on Women and Children UK Launches Initiative to Develop Global AI Standards US government urges organizations to prepare for Russian-sponsored cyber threats XDR: Redefining the game for MSSPs serving SMBs and SMEs Zero-Trust for Health Care in the Age of Ransomware Who is the Network Access Broker ‘Wazawaka?’ Why 2022 Should be a Year of Cybersecurity Optimism WI: Neenah schools investigating apparent cyber attack; classes canceled Wednesday 11/019 ways that cybersecurity may change in 2022 2021 was a terrible year for cybersecurity. Without action, 2022 could be even worse 2022 Cybersecurity Predictions from Lookout: Work From Anywhere Ends On-Premises Security A Missouri Reporter Is (Still) Getting Blamed For the Security Flaw He Exposed A psicologia reversa do MITRE ATT&CK – Parte 1 AvosLocker ransomware now targets Linux systems, including ESXi servers BADNEWS for Hackers! Patchwork Group Expose Themselves in Malware Campaign Banks Still Struggling to Spot the Signs of Human Trafficking Brasil tem 77% mais ataques em 2021 do que em 2020 CISA adds 15 exploited vulnerabilities from Google, IBM, Microsoft, Oracle and more to catalog Connecticut company that hosts school websites recovering from ransomware attack DDoS attacks that come combined with extortion demands are on the rise Corporate Cyber-Attacks Spike 50% in 2021 Critical SonicWall NAC Vulnerability Stems from Apache Mods Cybersecurity in 2022: Addressing Insider Threats Cybersecurity: Last year was a record year for attacks, and Log4J made it worse Data security in the age of insider threats: A primer EU data watchdog to Europol: You've helped yourself to too much data FIN7 Mailing Malicious USB Sticks to Drop Ransomware Focus On Protecting Critical Infrastructure and Supply Chains Four million outdated Log4j downloads were served from Apache Maven Central alone despite vuln publicity blitz ‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS Google Drive accounted for the most malware downloads from cloud storage sites in 2021 How the pandemic fueled enterprise digital transformation How to Prevent Steganography Attacks Incident Management: Benefits, KPIs and Best Practices Indian APT exposes its Modus Operandi by infecting their own devices JumpCloud Makes Built In Colorado’s 2022 Best Places to Work List KCodes NetUSB bug exposes millions of routers to RCE attacks KCodes NetUSB kernel remote code execution flaw impacts millions of devices Major Indian fashion retailer hacked and data leaked Many users don’t know how to protect their broadband Wi-Fi routers Microsoft January 2022 Patch Tuesday fixes 6 zero-days, 97 flaws Microsoft January 2022 Patch Tuesday: Six zero-days, over 90 vulnerabilities fixed Millions of Routers Exposed to RCE by USB Kernel Bug Missouri school district’s employee data dumped by ransomware group New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors New RedLine malware version spread as fake Omicron stat counter New SysJocker backdoor targets Windows, macOS, and Linux Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers Night Sky ransomware uses Log4j bug to hack VMware Horizon servers Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft Romance Scammers Stole £92m From Victims Last Year Secure boot for UK electric car chargers isn't mandatory until 2023 – but why the delay? ‘Shame on You, Moxie Marlinspike’—Fake Cash Scheme Pollutes Signal Nonprofit Signal CEO Resigns, WhatsApp Co-Founder Takes Over as Interim CEO Small businesses are most vulnerable to growing cybersecurity threats Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns The Final Count: Vulnerabilities Up Almost 10% in 2021 This engineer broke enterprise applications for not donating for his open-source project This is the Year to Create a Cybersecurity Culture Tracking Adversaries in AWS using Anomaly Detection, Part 1 Tracking Adversaries in AWS using Anomaly Detection, Part 2 US govt warns of Russian hackers targeting critical infrastructure What to Include in a Cybersecurity Disaster Recovery Plan World Economic Forum: Cybersecurity an Increasing Global Threat WordPress 5.8.3 Security Release fixes four vulnerabilities 10/016 cloud security trends to watch for in 2022 Abcbot and Xanthe botnets have the same origin, experts discovered Abcbot Botnet Linked to Operators of Xanthe Cryptomining malware Abcbot botnet is linked to Xanthe cryptojacking group Ataque hacker no Ministério da Saúde completa um mês e pasta ainda convive com ‘apagão’ de dados Ataque hacker: sistema de dados voltou ao ar, diz Ministério da Saúde Attackers aren’t finished using Log4Shell, says Microsoft and FTC California town announces data breach involving police department, loan provider CISA director: 'We have not seen significant intrusions' from Log4j -- yet Connecticut Nerds Report CSAM Cyber-Thieves Raid Grass Valley Detect and identify IoT malware by analyzing electromagnetic signals Eight resolutions to help navigate the new hybrid office model Europol ordered to erase data on those not linked to crime Finalsite: All School Sites Now Restored After Ransomware Attack FlexBooker Reveals Major Customer Data Breach Forensics Expert Kept Murder Snaps on PC How to lock down your Microsoft account and keep it safe from outside attackers Indian-linked Patchwork APT infected its own system revealing its ops Indian Patchwork hacking group infects itself with remote access Trojan Linux Mint 20.3 released promising security updates until 2025 Malware Hide-in-SSD Firmware gets a makeover found Microsoft: powerdir bug gives access to protected macOS user data New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4) New ZLoader malware campaign hit more than 2000 victims across 111 countries npm Libraries ‘colors’ and ‘faker’ Sabotaged in Protest by their Maintainer—What to do Now? On-premises cloud: The worst of both worlds? Oops: Cyberspies infect themselves with their own malware Over Half of SMEs Have Experienced a Cybersecurity Breach Ransomware warning: Cyber criminals are mailing out USB drives that install malware Researchers Find Bugs in Over A Dozen Widely Used URL Parser Libraries Securing Onboarding and Offboarding in the Cloud Several EA Sports FIFA 22 players have been hacked Sonrai Security Enters 2022 with Exponential Revenue Growth and Strong Customer Acquisition and Retention The Number 1 Enemy of XDR and SIEM: Dwell Time Um mês após ataque hacker, Ministério da Saúde diz que integração entre sistema de dados foi restabelecida na sexta Unified communications market size to reach $344.84 billion by 2028 US Issues Warning Over Commercial Spyware What to expect in 2022 privacy wise? WordPress 5.8.3 security update fixes SQL injection, XSS flaws 09/01BADNEWS! Patchwork APT Hackers Score Own Goal in Recent Malware Attacks Beware! Flubot Android Malware is Back Cyber Defense Magazine – January 2022 has arrived. Enjoy it! Cybersecurity crucial for ongoing digitisation of banking industry: researchersDev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps FBI warning: FIN7 gang sends USB sticks containing ransomware Google docs malware warning as cybercriminals send bogus links to users in spear-phishing scam Medical Review Institute of America Notifies Patients of Data Breach QNAP issues ransomware warning to users: secure your devices or disconnect unprotected NAS Ransomware attack shuts school websites Rhode Island Public Transit Authority (RIPTA) data breach linked to file wrongly stored on employee's hard drive, unions told Scheduling platform Flexbooker hacked, 3.7 mn users’ data stolen Thieves steal NFTs collection valued at $2.2 million Warning: “Lots of reports about scam NHS Covid Pass text message” says North Wales Police Cyber Crime Team NEWS: Janeiro (02/01 - 08/01) - 01 Semana de 2022
Cyber Security and Information Security News - Daily Updates !!15/019 Times Hackers Targeted Cyberattacks on Industrial Facilities Aditya Birla Fashion (ABFRL) Data Allegedly Leaked Online, Over 5 Million Email Addresses Breached Brunei Postal Dept warns of phishing scams via WhatsApp City of Tenino loses $280,309 to phishing email scam, state Auditor’s Office says Considering a Move to Zero Trust Security? Keep these Identity Security Practices and Resources in Mind Don’t download this COVID app! It’s spreading malware Five cybersecurity myths that are compromising your data ‘Golden era’ for cyber attacks as criminals take advantage of pandemic Hackers disrupt payroll for thousands of employers — including hospitals Hackers Use Legitimate Adobe Emails to Harvest Credentials Largest dark web market for stolen cards UniCC calls it quits Linux malware sees 35% growth during 2021 macOS, Windows, Linux all targeted by new cross-platform exploit NYC schools crippled by week-long data service systems outage North Korean Hackers Carefully Stole $400 Million in Crypto Last Year Qlocker ransomware returns to target QNAP NAS devices worldwide Russia charges 8 suspected REvil ransomware gang members SRT email service outage continues The huge sums of money that explain why there are so many SMS and email phishing scams in Spain U.S., France discuss measures to support Ukraine after cyberattack on govt websites – U.S. Department of State 14/013rd-party flaws allowed a teen hacker to track location of Tesla cars 2022 Cybersecurity Guide: The Security Gift For Your Loved Ones A 'massive' hacking attack has hit government websites in Ukraine Accellion to pay $8.1M in proposed data breach settlement AWS Patches Glue Bug That Put Customer Data at Risk Auto parts maker Denso targeted in ransomware cyberattack Buckeye Broadband email accounts down due to ransomware attack Clinic Breach Affecting 200,000 Tied to Vendor's 2020 Attack Computer hackers apparently target City of North Port Dark web carding platform UniCC shuts up shop after making millions Data breach: Sheffield Council reprimanded after 8.6 million vehicle number plates were shared on the internet Defense contractor Hensoldt confirms Lorenz ransomware attack EHR vendor QRS sued over breach to patient portal server Email Service Mail2World Reported Down Flaw Found in Biometric ID Devices Four Ways Retailers Can Prevent and Protect Customers from a Cyber Security Attack Goodwill discloses data breach on its ShopGoodwill platform Hacker group REvil arrested, dismantled at US request: Russian intelligence agency Hacking Is the New Car Jacking: How To Secure Vehicle Data How to protect yourself against Sim-swapping scams with mobile phone fraud on the rise Husband and wife among ransomware operators arrested in Ukraine In Government, Access Control Means Cybersecurity Insider Threats are a Quiet Risk in your System Lasting Effects of Kronos Cyberattack Ripple Through Healthcare Magniber Ransomware is becoming a nightmare for Edge users Maryland lawmaker: Officials misled on ransomware attack ‘Massive’ Cyberattack on Ukraine Cripples Gov’t Websites Mitigating Insider Security Threats with Zero Trust NatWest ‘new device registered’ scam texts: what to look out for North Korea hackers stole US$400mln of crypto last year, report North Korean Hackers Stole $400m in Cryptocurrency Last Year OCBC Singapore scam victims, many who lost life savings, slam bank for underwhelming response Oscar Health Plan of California Notice of Data Breach Questions linger after MDH ransomware attack Ransomware attack at Durham Johnston School Ransomware sets its sights on IOT/OT Researchers develop CAPTCHA solver to aid dark web research Russia arrests REvil ransomware gang members at request of US officials Russian authorities take down REvil ransomware gang SSU Assures Of No Personal Data Breach Due To Cyberattack On Public Authorities SnatchCrypto campaign plants backdoors in crypto startups, DeFi, blockchain networks State police warn of new 'phishing' scam that involves parking meters Tech Giants to Team-Up on Open Source Security After White House Meet The future of security protocols for remote work The race towards renewable energy is creating new cybersecurity risks Three Plugins with Same Bug Put 84K WordPress Sites at Risk Transport for NSW finds more customers, employees impacted by Accellion breach Ukrainian Cops Bust Suspected $1m Cybercrime Ring Watch out, that Microsoft Edge update is actually ransomware What is ransomware and how does it work? White House confirms person behind Colonial Pipeline ransomware attack nabbed during Russian REvil raid Why Third Parties are the Source of So Many Hacks 13/01Adobe Cloud Abused to Steal Office 365, Gmail Credentials All 2BILLION WhatsApp users warned of simple mistake that can get your account hacked AWS fixes security flaws that exposed AWS customer data BlueNoroff hackers steal crypto using fake MetaMask extension Carding site UniCC retires after generating $358 million in sales Consumer IAM market to reach $17.6 billion by 2026 Cops warn of increasing number of bank scams as fraudsters target residents in Spain’s Palma Councillors refuse public release of IT audit of Hackney Psya ransomware attack Cybersecurity Trends for 2022 DDoS Attacks Broke All Records in 2021 Delivering vulnerable signed kernel drivers remains popular among attackers Fake Telegram App Distributes Purple Fox Malware FBI Issues Warning on FIN7 USB Stick Exploit FCC Proposes Stricter Data Breach Reporting Requirements Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry GootLoader Hackers Targeting Employees of Law and Accounting Firms Hot wallet hack: Hackers steal $18.7m from Animoca’s Lympo NTF platform Hotel chain switches to Chrome OS after Windows ransomware attack How threat intelligence can help the financial industry prepare for cyber threats How to ensure a Zero-Trust approach for remote workers IBM predicting what 2022 holds for cybersecurity Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor Lazarus, Cobalt, and FIN7 have all been identified as major hacker organisations targeting the financial sector Maryland Department of Health Systems Down 1 Month After Ransomware Attack Massachusetts State Police warn of parking scam that uses QR codes to steal bank account, credit card information Microsoft Defender weakness lets hackers bypass malware detection Most Users Are Unaware That Their Passwords Are Compromised, New Study Shows New GootLoader Campaign Targets Accounting, Law Firms New "Undetected" Backdoor Runs Across Three OS Platforms New Zealand: 5 cyber threats to look out for this year NSO spyware found targeting journalists and NGOs in El Salvador Norton's cynical crypto ploy: A dark harbinger of crapware to come? OCBC phishing scam underscores trade-off between convenience and security, with bank customers at risk: Experts Putting Skin in the Cyber Insurance Game Ransomware attack impacts Buckeye Broadband email service vendor Ransomware attack on New Mexico jail put prisoners in lockdown Ransomware attack on vendor shuts down Buckeye email services Ransomware locks down prison, knocks systems offline Report Identifies Weaknesses in Online Banking Security Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys Singapore: 1,200 phishing scams since December; some culprits impersonate officials and use stolen data to set up e-wallet The Human Resources Impact Of The Kronos Ransomware Attack The public sector is more concerned about external than internal threats The rising threat of cyber criminals targeting cloud infrastructure in 2022 The Rhode Island Public Transit Authority (RIPTA) Data Breach May Provide Valuable Lessons About Data Collection and Retention UK jails man for spying on kids, adults with Remote Access Trojans Ukrainian cops nab husband and wife suspected to be part of $1m ransomware operation US Cyber Command links MuddyWater to Iranian intelligence US: MuddyWater is Iranian State-Backed Group What is ‘sextortion’ and why are cases on the rise? What makes edge computing successful? When it comes to banking security, there’s no silver bullet When open-source developers go bad Why You Need Pentesting-as-a-Service (PtaaS) 12/012022 promises to be a challenging year for cybersecurity professionals A new multi-platform backdoor is leveraged by an advanced threat actor Adobe fixes 4 critical Reader bugs that were demonstrated at Tianfu CupAttackers More Successful at Delivering Malware Payloads Audit Your Active Directory with a free, read-only scan from Specops Check your SPF records: Wide IP ranges undo email security and make for tasty phishes CISA Adds 15 New Flaws to its Actively Exploited Vulnerabilities Catalog Cisco Talos discovers a new malware campaign using the public cloud to hide its tracks EA: 50 high-profile FIFA 22 accounts taken over by phishing actors European Union to Launch Supply Chain Attack Simulation Europol Ordered to Delete Vast Trove of Personal Information FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure Firefox 96 update focuses on noise improvements, main thread efficiency Hackers take over diplomat's email, target Russian deputy minister Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware How safe are cloud applications? How to Make API Security an Integral Part of Your Application Security Strategy Interview: Open Banking Opens Customer Data to Third Parties Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor Log4j: How hackers are using the flaw to deliver this new 'modular' backdoor Magniber ransomware using signed APPX files to infect systems Maryland Department Of Health Confirms Ransomware Attack Caused Disruption In COVID-19 Data Last Month Microsoft Starts 2022 with 97 CVEs in January Patch Tuesday New RedLine malware version distributed as fake Omicron stat counter New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users New Windows KB5009543, KB5009566 updates break L2TP VPN connections OceanLotus hackers turn to web archive files to deploy backdoors Oxeye Tool Can Counter Log4j Obfuscation Attacks Remote Access Trojans spread through Microsoft Azure, AWS cloud service abuse Researchers Uncover NetUSB RCE Flaw Affecting Millions of Routers SMEs still an easy target for cybercriminals South African justice department clueless about hacked data TellYouThePass ransomware returns as a cross-platform Golang threat This new malware wants to create backdoors and targets Windows, Linux and macOS Two Years for Man Who Used RATs to Spy on Women and Children UK Launches Initiative to Develop Global AI Standards US government urges organizations to prepare for Russian-sponsored cyber threats XDR: Redefining the game for MSSPs serving SMBs and SMEs Zero-Trust for Health Care in the Age of Ransomware Who is the Network Access Broker ‘Wazawaka?’ Why 2022 Should be a Year of Cybersecurity Optimism WI: Neenah schools investigating apparent cyber attack; classes canceled Wednesday 11/019 ways that cybersecurity may change in 2022 2021 was a terrible year for cybersecurity. Without action, 2022 could be even worse 2022 Cybersecurity Predictions from Lookout: Work From Anywhere Ends On-Premises Security A Missouri Reporter Is (Still) Getting Blamed For the Security Flaw He Exposed A psicologia reversa do MITRE ATT&CK – Parte 1 AvosLocker ransomware now targets Linux systems, including ESXi servers BADNEWS for Hackers! Patchwork Group Expose Themselves in Malware Campaign Banks Still Struggling to Spot the Signs of Human Trafficking Brasil tem 77% mais ataques em 2021 do que em 2020 CISA adds 15 exploited vulnerabilities from Google, IBM, Microsoft, Oracle and more to catalog Connecticut company that hosts school websites recovering from ransomware attack DDoS attacks that come combined with extortion demands are on the rise Corporate Cyber-Attacks Spike 50% in 2021 Critical SonicWall NAC Vulnerability Stems from Apache Mods Cybersecurity in 2022: Addressing Insider Threats Cybersecurity: Last year was a record year for attacks, and Log4J made it worse Data security in the age of insider threats: A primer EU data watchdog to Europol: You've helped yourself to too much data FIN7 Mailing Malicious USB Sticks to Drop Ransomware Focus On Protecting Critical Infrastructure and Supply Chains Four million outdated Log4j downloads were served from Apache Maven Central alone despite vuln publicity blitz ‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS Google Drive accounted for the most malware downloads from cloud storage sites in 2021 How the pandemic fueled enterprise digital transformation How to Prevent Steganography Attacks Incident Management: Benefits, KPIs and Best Practices Indian APT exposes its Modus Operandi by infecting their own devices JumpCloud Makes Built In Colorado’s 2022 Best Places to Work List KCodes NetUSB bug exposes millions of routers to RCE attacks KCodes NetUSB kernel remote code execution flaw impacts millions of devices Major Indian fashion retailer hacked and data leaked Many users don’t know how to protect their broadband Wi-Fi routers Microsoft January 2022 Patch Tuesday fixes 6 zero-days, 97 flaws Microsoft January 2022 Patch Tuesday: Six zero-days, over 90 vulnerabilities fixed Millions of Routers Exposed to RCE by USB Kernel Bug Missouri school district’s employee data dumped by ransomware group New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors New RedLine malware version spread as fake Omicron stat counter New SysJocker backdoor targets Windows, macOS, and Linux Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers Night Sky ransomware uses Log4j bug to hack VMware Horizon servers Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft Romance Scammers Stole £92m From Victims Last Year Secure boot for UK electric car chargers isn't mandatory until 2023 – but why the delay? ‘Shame on You, Moxie Marlinspike’—Fake Cash Scheme Pollutes Signal Nonprofit Signal CEO Resigns, WhatsApp Co-Founder Takes Over as Interim CEO Small businesses are most vulnerable to growing cybersecurity threats Suspected Chinese hackers use Log4j flaw to deploy Night Sky ransomware, Microsoft warns The Final Count: Vulnerabilities Up Almost 10% in 2021 This engineer broke enterprise applications for not donating for his open-source project This is the Year to Create a Cybersecurity Culture Tracking Adversaries in AWS using Anomaly Detection, Part 1 Tracking Adversaries in AWS using Anomaly Detection, Part 2 US govt warns of Russian hackers targeting critical infrastructure What to Include in a Cybersecurity Disaster Recovery Plan World Economic Forum: Cybersecurity an Increasing Global Threat WordPress 5.8.3 Security Release fixes four vulnerabilities 10/016 cloud security trends to watch for in 2022 Abcbot and Xanthe botnets have the same origin, experts discovered Abcbot Botnet Linked to Operators of Xanthe Cryptomining malware Abcbot botnet is linked to Xanthe cryptojacking group Ataque hacker no Ministério da Saúde completa um mês e pasta ainda convive com ‘apagão’ de dados Ataque hacker: sistema de dados voltou ao ar, diz Ministério da Saúde Attackers aren’t finished using Log4Shell, says Microsoft and FTC California town announces data breach involving police department, loan provider CISA director: 'We have not seen significant intrusions' from Log4j -- yet Connecticut Nerds Report CSAM Cyber-Thieves Raid Grass Valley Detect and identify IoT malware by analyzing electromagnetic signals Eight resolutions to help navigate the new hybrid office model Europol ordered to erase data on those not linked to crime Finalsite: All School Sites Now Restored After Ransomware Attack FlexBooker Reveals Major Customer Data Breach Forensics Expert Kept Murder Snaps on PC How to lock down your Microsoft account and keep it safe from outside attackers Indian-linked Patchwork APT infected its own system revealing its ops Indian Patchwork hacking group infects itself with remote access Trojan Linux Mint 20.3 released promising security updates until 2025 Malware Hide-in-SSD Firmware gets a makeover found Microsoft: powerdir bug gives access to protected macOS user data New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4) New ZLoader malware campaign hit more than 2000 victims across 111 countries npm Libraries ‘colors’ and ‘faker’ Sabotaged in Protest by their Maintainer—What to do Now? On-premises cloud: The worst of both worlds? Oops: Cyberspies infect themselves with their own malware Over Half of SMEs Have Experienced a Cybersecurity Breach Ransomware warning: Cyber criminals are mailing out USB drives that install malware Researchers Find Bugs in Over A Dozen Widely Used URL Parser Libraries Securing Onboarding and Offboarding in the Cloud Several EA Sports FIFA 22 players have been hacked Sonrai Security Enters 2022 with Exponential Revenue Growth and Strong Customer Acquisition and Retention The Number 1 Enemy of XDR and SIEM: Dwell Time Um mês após ataque hacker, Ministério da Saúde diz que integração entre sistema de dados foi restabelecida na sexta Unified communications market size to reach $344.84 billion by 2028 US Issues Warning Over Commercial Spyware What to expect in 2022 privacy wise? WordPress 5.8.3 security update fixes SQL injection, XSS flaws 09/01BADNEWS! Patchwork APT Hackers Score Own Goal in Recent Malware Attacks Beware! Flubot Android Malware is Back Cyber Defense Magazine – January 2022 has arrived. Enjoy it! Cybersecurity crucial for ongoing digitisation of banking industry: researchersDev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps FBI warning: FIN7 gang sends USB sticks containing ransomware Google docs malware warning as cybercriminals send bogus links to users in spear-phishing scam Medical Review Institute of America Notifies Patients of Data Breach QNAP issues ransomware warning to users: secure your devices or disconnect unprotected NAS Ransomware attack shuts school websites Rhode Island Public Transit Authority (RIPTA) data breach linked to file wrongly stored on employee's hard drive, unions told Scheduling platform Flexbooker hacked, 3.7 mn users’ data stolen Thieves steal NFTs collection valued at $2.2 million Warning: “Lots of reports about scam NHS Covid Pass text message” says North Wales Police Cyber Crime Team NEWS: Janeiro (02/01 - 08/01) - 01 Semana de 2022
Comments