NEWS: Fevereiro (07/02 - 13/02) - 6 Semana de 2021

Cybersecurity News !!!!

13/02/2021

Are More Water Treatment Facility Hacks on the Way? - TechNadu

CD Projekt's stolen source code allegedly sold by ransomware gang - Bleeping Computer

Combatting the Growing Cyberthreat of QR Code Abuse - Government Technology

DarkSide Ransomware Hit Canadian Discount Car and Truck Rentals - TechDator

Data Breach: 3.2 Billion Email And Password Leaked - Kashmir Observer

Hacker Selling 40 Million Ukrainian Bank Customer Records - TechNadu

How To Identify Bitcoin Trading Scams In Easy Steps - TechBullion

It’s not your imagination — your smart device is watching you - NBC

Leading Canadian rental car company hit by DarkSide ransomware - Bleeping Computer

What is DNS Poisoning? (aka DNS Spoofing) - Key Factor

12/02/2021

2020 vulnerability disclosures on track to exceed those from 2019 - Help Net Security

5 cybersecurity trends MSPs must address in 2021 - Help Net Security

ANPD vai apurar vazamento de dados de operadoras de telefonia - CISO Advisor

Avaddon Had a Flaw That Allowed Free Decryption but It’s Been Fixed Now - TechNadu

Dread Forum Admin Comes With an Explanation About Recent Outages - TechNadu

Extensões do Chrome e Edge contaminaram 3 milhões de usuários - CISO Advisor

For SOC teams, the analytics and automation hype is real - Help Net Security

Good Governance and Controls for Ensuring Data Privacy - CISO Magazine

How MDR Fills SASE and ZTNA Cybersecurity Gaps - Security Boulevard

Investigation Into Egregor Ransomware Reveals Unknown Aspects About its Operation - TechNadu

Lampion trojan disseminated in Portugal using COVID-19 template - Security Affairs

mHealth apps consistently expose PII and PHI through APIs - Help Net Security

Microsoft said the number of web shells has doubled since last year - ZD Net

New Law in Russia Aiming to Take Control Over Dark Web Crypto - TechNadu

OAIC cautions giving big tech access to information under the Consumer Data Right - ZD Net

ONU discute diplomacia cibernética e sanções contra ataques - CISO Advisor

ONU vincula Coreia do Norte a roubo de US$ 281 mi de bolsa de criptomoedas - CISO Advisor

People Are Hacking Their Laptops to Unlock Their Full Potential - TechNadu

Pesquisador afirma ter invadido sistemas da Apple, Microsoft, Yelp e Tesla - CISO Advisor

Researchers spot massive increase in RDP attack attempts - Help Net Security

Ripples of the Accellion Hack Reach Australia; QIMR Berghofer Confirms ‘Likely’ Data Breach - CISO Magazine

Secret Chat in Telegram Left Self-Destructing Media Files On Devices - The Hacker News

SIM Swappers Detained for Stealing $100Mn in Cryptocurrencies from Celebrities - CISO Magazine

Successful BEC attacks become 56% more costly - Help Net Security

The “P” in Telegram stands for Privacy - Security Affairs

11/02/2021

12-year-old Windows Defender bug gives hackers admin rights - Bleeping Computer

After data breach, Syracuse University’s silence is glaring - The Daily Orange

Almost half a million users duped by Facebook phishing campaign - TechRadar Pro

Android spyware strains linked to state-sponsored Confucius threat group - ZD Net

Australian research institute confirms ‘likely’ data breach after third-party Accellion hack - The Daily Swig

Big Tech will try to pre-empt harsh privacy laws by writing their own - Help Net Security

Biggest data breach ‘of all time’ leaks billions of emails and passwords - Metro CO UK

Buggy WordPress plugin exposes 100K sites to takeover attacks - Bleeping Computer

DDoS attacks intensify — Driven in part by COVID-19 and 5G - Security Magazine

Egregor Ransomware Adopting New Techniques - Morphisec

Employees’ phishing knowledge is subpar, research finds - CFO Daily News

Free decrypter released for Avaddon ransomware victims... aaand, it's gone! - ZD Net

Hackers ask only $1,500 for access to breached company networks - Bleeping Computer

How Universities Can Cope Amid a Ransomware Perfect Storm - EDTech Magazine

Illinois Is State Hit Hardest by Cybercrime - InfoSecurity

Intel fixes vulnerabilities in Windows, Linux graphics drivers - Bleeping Computer

KeepChange said it stopped hackers from stealing user funds, but not personal data - ZD Net

Legal and health sector caught out in data breach - Digital Journal

Major medical research centre caught up in data breach - Brisbane Times

Microsoft, Facebook and PayPal most impersonated brands during phishing attacks - Security Brief

Microsoft warns of an increasing number of web shell attacks - Bleeping Computer

PayPal fixes reflected XSS vulnerability in user wallet currency converter - ZD Net

People are often the collateral damage of attacks on corporations - Help Net Security

Phishing awareness gone wrong: Facebook tries to seize websites set up for staff security training - The Register

Phishing With Morse Code - Hackday

Proofpoint sues Facebook over dummy sites used for anti-phishing training - Cyberscoop

Various Malware Lurks in Discord App to Target Gamers - ThreatPost

10/02/2021

Adobe fixes a buffer overflow issue in Reader which is exploited in the wild - Security Affairs

Adobe patches wave of critical bugs in Magento, Acrobat, Reader - ZD Net

Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug - The Hacker News

BluBracket Community Edition: Detect and monitor secrets in code for free - Help Net Security

Brazilian government urged to protect consumers from massive data leak - ZD Net

Can Breach Victims Sue Now for Future Harm? - Security Boulevard

Collaboration is the key to a secure world-class sporting event - Help Net Security

COVID-19 has increased urgency for businesses to adopt VSaaS and ACaaS - Help Net Security

Cybersecurity Company Emisoft Suffers System Data Breach, Founder Apologizes - E Hacking News

Dark web analysis shows high demand for hackers - Help Net Security

Dependency Confusion Supply-Chain Attack Hit Over 35 High-Profile Companies - The Hacker News

Eight British Men Arrested for SIM Swapping Acts Targeting U.S. Celebs - TechNadu

EXCLUSIVO: Novo vazamento expõe mais de 100 milhões de contas de celular - NeoFeed

Hackers auction alleged stolen Cyberpunk 2077, Witcher source code - Bleeping Computer

Indo-Pacific tech sector 'ripe for investment' and cyber defence cooperation: Research - ZD Net

Intel Squashes High-Severity Graphics Driver Flaws - ThreatPost

Investor data breach 'fatigue' reduces Wall Street punishment for cybersecurity failures - ZD Net

KuCoin Reportedly Lost $281 Million Worth of Crypto to North Korean Hacker Attacks - TechNadu

LodaRAT Windows Malware Now Also Targets Android Devices - The Hacker News

LodaRAT Windows malware now hunting Android devices - HackRead

Microsoft fixes Windows 10 console bug leading to blue screens - Bleeping Computer

Microsoft warns enterprises of new 'dependency confusion' attack technique - ZD Net

New Security Risks Await Post-Pandemic Travelers - Security Boulevard

Novo vazamento expõe mais de 100 milhões de contas de celular do Brasil - Veja

SIM hijackers arrested after stealing millions from US celebrities - Bleeping Computer

Supply chain security is actually worse than we think - ZD Net

The cost of synthetic fraud to reach new highs - Help Net Security

This old security vulnerability left millions of Internet of Things devices vulnerable to attacks - ZD Net

When it comes to vulnerability triage, ditch CVSS and prioritize exploitability - Help Net Security

09/02/2021

Alison Partners with CODERED - InfoSecurity

App baixado mais de 10 milhões de vezes infecta celulares com anúncios - TechTudo

Attorney-General asked to update 'personal information' definition in Privacy Act - ZD Net

Author of uPanel phishing kit arrested in Ukraine - ZD Net

Avast Joins ‘Coalition Against Stalkerware’ Amidst Unprecedented Rise - TechNadu

Can we put a stop to cyber harassment? - Help Net Security

CD Projekt Red game studio discloses ransomware attack, extortion attempt - ZD Net

CD PROJEKT RED gaming studio hit by ransomware attack - Bleeping Computer

COVID-19 impact on SecOps: Increased threats, greater investments in automation - Help Net Security

Creator of Cyberpunk 2077 ‘CD Projekt’ Announced Ransomware Incident - TechNadu

Cyber Command Major Imprisoned for Sex Crime - InfoSecurity

Cybercriminals leverage remote desktop protocol to brute force attacks - SecurityBrief

Cybersecurity jobs: This new 'one-stop shop' aims to create a roadmap for security careers - ZD Net

Fastest VPN in 2021 - ZD Net

Gaming Industry Is Fraudsters’ Prime Target - InfoSecurity

Get your free ticket to Cobalt’s SecTalks virtual conference - Help Net Security

Hackers Accessed a Florida Town Water Treatment Facility System and Changed Chemical Levels - TechNadu

InfoSec Reviews in Project Management Workflows - Security Boulevard

Microsoft February 2021 Patch Tuesday fixes 56 bugs, including Windows zero-day - ZD Net

Microsoft to alert enterprise security teams when nation-state attackers target their employees - Help Net Security

Microsoft to notify Office 365 users of nation-state attacks - Security Affairs

Microsoft urges customers to patch critical Windows TCP/IP bugs - Bleeping Computer

Most zoombombing incidents are inside jobs - Help Net Security

Pirate IPTV Services Blackmailed by Hacker Who Stole User ID Data - TechNadu

Protect your online privacy with this highly rated VPN, now on sale - ZD Net

Remote SecOps May Improve Cloud Security - Security Boulevard

Researcher hacks Microsoft, Apple, more in novel supply chain attack - Bleeping Computer

SentinelOne Buys Data Analytics Company Scalyr - Dark Reading

Threat Actors are Targeting Users Via New Phishing Campaign - E Hacking News

Threat intelligence vs. future data breaches - Security Boulevard

‘U-Admin’ Phishing Panel Author Arrested in Ukraine - TechNadu

Ukrainian Police Arrest Author of World's Largest Phishing Service U-Admin - The Hacker News

Your security technology is only as strong as your team - Help Net Security

08/02/2021

3.2 Billion Email And Password Pairs Have Been Leaked, Here's How To Check If You Are Affected - MobyGeek

A hacker tried to poison the water supply of an entire Florida city - Fast Company

Academy trust 'paid fraudsters nearly £400K' - Tes

Billions of Passwords Offered for $2 in Cyber-Underground - ThreatPost

Detailed: Here's How Iran Spies on Dissidents with the Help of Hackers - The Hacker News

Empowering a remote workforce is a top priority for CEOs - Help Net Security

Europol Breaks $14m Card Fraud Ring - InfoSecurity

Hacker modified drinking water chemical levels in a US city - ZD Net

How do I select a remote access solution for my business? - Help Net Security

Identity verification market to grow steadily in the next few years - Help Net Security

IT spending, cloud computing, phishing campaigns, AI boom, and more: ZDNet's research roundup - ZD Net

Microsoft to alert Office 365 users of nation-state hacking activity - Bleeping Computer

Organizations can no longer afford a reactive approach to risk management - Help Net Security

Remote Desktop Protocol Attacks Surge by 768% - InfoSecurity

Researchers develop approach that can recognize fake news - Help Net Security

Three ways MITRE ATT&CK can improve your organizational security - Help Net Security

Top 5 Bug Bounty Programs to Watch in 2021 - The Hacker News

Victims of Ziggy ransomware can recover their files for free - Security Affairs

07/02/2021

Albany ransomware attack threatens criminal cases - Times Union

Auditor’s Office data breach adds insult to injury - The Columbian

Bad news: your password has almost certainly leaked online - Express

Cybersecurity Threats: The Daunting Challenge Of Securing The Internet Of Things - Forbes

Don’t Post Your Coronavirus Vaccination Card Selfie On Social Media - TechnoCodex

Hacktivists deface multiple Sri Lankan domains, including Google.lk - ZD Net

It’s Groundhog Day for password security - Digital Journal

New phishing attack uses Morse code to hide malicious URLs - Bleeping Computer

UPMC Data Breach - ABC 23

Ziggy ransomware shuts down and releases victims' decryption keys - Bleeping Computer