NEWS: Junho (20/06 - 26/06) - 25 Semana de 2021

Cyber Security News !!!

26/06

Cybersecurity: REvil Ransomware Gang Strikes Again, Attacks FCUK Fashion Label - TechTimes

Defending Against Email Threats That Don’t Involve Malware - Business World

Hackers attack Olympics computer system - Prensa Latina

Inside the Mind of Cybercriminals – How Threat Actors Think - IT News Africa

Mercedes-Benz USA Announces Data Breach Affecting Customers and Prospective Buyers - TechNadu

Microsoft, the group behind the SolarWinds breach attacked Customer Service - Codelist

Microsoft admits to signing rootkit malware in supply-chain fiasco - Bleeping Computer

Microsoft Discloses New Customer Hack Linked to Solar Winds Cyber ​​Attackers - Eminetra

Microsoft Says SolarWinds Hackers Are Still Actively Targeting American Firms - TechNadu

The 10 Biggest Cyber Attacks In History - Albawaba

25/06

30 million Dell devices affected by BIOSConnect code execution bugs - HackRead

6 official Python repositories plagued with cryptomining malware - HackRead

A rise in ransomware threatens America’s critical infrastructure - Security Infowatch

Agencies Combat Ransomware in Digital Health - Government CIO

AWS BugBust Aims to Fix One Million Vulnerabilities Globally - InfoSecurity

Anglesey cyber-attack affects island's five secondaries - BBC News

Anglesey schools offline after cyber attack - Computer Weekly

Bank Fraud: Hackers Using Both Gozi, Cerberus Malware - Bank Info Security

Business Email Compromise (BEC) Scams Sparked by Remote Working, Research Says - MSSP Alert

Cisco ASA Bug Now Actively Exploited as PoC Drops - ThreatPost

Cloud Database Exposes 800M+ WordPress Users' Records - InfoSecurity

Corporate fraud expected to rise in the next 12 months - Consulting

Crackonosh malware abuses Windows Safe mode to quietly mine for cryptocurrency - ZDNet

Cryptocurrency Scam: Hackers Are Using Free Games to Slip Mining Malware Into Your System - Tech Times

Cyberattack traffic targeting video game industry surged during the pandemic - Help Net Security

Cybersecurity firm Technisanct identifies data breach in leading online trading platform - The Week

Data breach in trading platform has put millions of customers at risk - Business Standard

Data of 500K patients accessed, stolen after eye clinic ransomware attack - SC Magazine

Data-Wiping Malware Hit a Large Number of Western Digital ‘My Book Live’ Disks - TechNadu

Dell SecureAssist contained RCE flaw allowing miscreants to remotely reflash your BIOS with code of their creation - The Register

DOD Wants Partners to Up Their Cybersecurity Game, Official Says - US Dept Of Defense

Double-dipping ransomware attacks on the rise in Canada - Mobilesyrup

DreamHost hosting firm exposed almost a billion sensitive records - HackRead

FBI Report Finds 300% Rise in Cybercrime Due To Pandemic - Tech Zone 360

FIN7 ‘Pen Tester’ Headed to Jail Amid $1B in Payment-Card Losses - ThreatPost

FIN7 Supervisor Gets 7-Year Jail Term for Stealing Millions of Credit Cards - The Hacker News

Hackers Crack Pirated Games with Cryptojacking Malware - ThreatPost

How Banks can Manage Enterprise Risk Amid Rise in Cyberattacks - Global Bank & Finance Review

How to protect critical infrastructure from ransomware attacks - The Bulletin

Hoya Optical Labs Notifies Consumers of Healthcare Ransomware Attack - The Bulletin

Implementing zero trust architecture in BYOD environments - Federal News Network

'It's evil' Ransomware attack on hospital system in Savannah is part of a growing trend - Savannah Now

Judson ISD Still Investigating Last Week's Ransomware Attack - Woai IHeart News

Malware-as-a-Service is a Booming Business - InfoSecurity

Mercedes-Benz Customer Data Flies Out the Window - ThreatPost

Mercedes-Benz data breach exposes SSNs, credit card numbers - Bleeping Computer

Mercedes-Benz USA accidentally puts out data from nearly 1,000 customers - Saltwire

Most Healthcare Organizations Expect to Be Ransomware Targets - Health IT Security

Newly Discovered Dell Bugs Impact 30 Million PCs - InfoSecurity

NFC flaws let researchers hack an ATM by waving a phone - ARS Technica

Open Source Security Flaws Exist in 70% Of Applications, 80% Of Libraries Are Never Updated - CPO Magazine

Over 1B CVS Health records exposed online - Digital Journal

Over 26,000 Impacted by Ransomware at Texas School District - Government Technology

Over 220,000 Computers Infected by XMRig Malware Downloaded as Game Cracks - TechNadu

Prominent ‘FIN7’ Hacking Group Member Sentenced to 7 Years in Prison - TechNadu

Public sector organisations left vulnerable by ransomware attacks, cybersecurity expert urges measures for stronger protection - ITWire

Ransomware Attackers Shared Personal Information, Tulsa Officials Say - Insurance Journal

Ransomware-as-a-service business model takes a hit in the aftermath of the Colonial Pipeline attack - TechRepublic

Rhode Island Department of Transportation (RIDOT) Warns Residents Of Text Message Phishing Scam - Patch

Sophisticated hackers are targeting these Zyxel firewalls and VPNs - ZDNet

Tesspring suffers data breach, causing leak of more than 8.2 million user details! - TDH

Texarkana rebounding from ransomware attack that crippled municipal computers - KSLA News

Third-party identity risk management, compliance, or both? - Help Net Security

This phishing campaign could really blow up in the face of the attackers - TechRadar Pro

U.K. Police Seize $160 Million In Cryptocurrency In Money Laundering Investigation - Forbes

UK’s most popular hotel brands putting customers at risk of email fraud - Intelligent CIO

US Secret Service Releases 'Most Wanted' Cyber Fugitive List - BankInfoSecurity

What Is Angler Phishing and How Can You Avoid Falling Victim? - Make Use Of

24/06

A Google Drive security update will break some of your shared links - Bleeping Computer

Amazon launching global competition to find and fix 1 million software bugs - ZDNet

Australia: Minister considers Labor's ransomware bill - Blue Mountains Gazette

BIOSConnect code execution bugs impact millions of Dell devices - ZDNet

BIOS Disconnect: New High-Severity Bugs Affect 128 Dell PC and Tablet Models - The Hacker News

Combatting OpSec threats to our COVID-19 vaccination efforts: What can we do? - Help Net Security

Critical Auth Bypass Bug Affects VMware Carbon Black App Control - The Hacker News

Cybersecurity firms battle DMCA rules over good-faith research - ZDNet

Cyberstalking tendencies in modern day relationships - Help Net Security

Digital identity verification spend to reach $16.7 billion in 2026 - Help Net Security

Gas Station Sues Colonial Pipeline for Gas Crisis From Ransomware Attack - Insurance Journal

Google warns: Watch out, this security update could break links to your Drive files - ZDNet

How to convince your boss that cybersecurity includes Active Directory - Help Net Security

It takes less than one hour to exploit vulnerable container infrastructure - Help Net Security

‘Made in Oregon’ Discloses Massive Security Breach Exposing Customer Credit Cards - TechNadu

Microsoft's security tool can now spot rogue devices on your network - ZDNet

MITRE D3FEND: Enabling cybersecurity pros to tailor defenses against specific cyber threats - Help Net Security

Most third-party libraries are never updated after being included in a codebase - Help Net Security

One-click account takeover vulnerabilities in Atlassian domains patched - ZDNet

One-Click Exploit Could Have Let Attackers Hijack Any Atlassian Account - The Hacker News

Phishing attack's unusual file attachment is a double-edged sword - Bleeping Computer

Ransomware: Now gangs are using virtual machines to disguise their attacks - ZDNet

Reduce Business Risk By Fixing 3 Critical Endpoint-to-Cloud Security Requirements - The Hacker News

RIP: Internet Explorer will be disabled in Windows 11 - Bleeping Computer

The human cost of ransomware: Disruption to Irish health service will continue for months - ZDNet

Tulsa warns residents that police citations and reports leaked to Dark Web after Conti ransomware attack - ZDNet

UnitingCare Queensland update on ransomware infection - The Weekly Source

US brokerage firms warned of 'FINRA Support' phishing attacks - Bleeping Computer

What 2020 taught us about changing cybersecurity tactics and trends - BIT (Business IT)

What are the Wider Implications of Ransomware Payments? - Digit

What is the impact of remote work on security best practices? - Help Net Security

23/06

500,000 patients suffered due to data breach at Wolfe eye clinic - TDH

Antivirus creator John McAfee reportedly found dead in prison cell - Bleeping Computer

ChaChi: a new GoLang Trojan used in attacks against US schools - ZDNet

Clop ransomware is back in business after recent arrests - Bleeping Computer

Councils Reported Over 700 Data Breaches in 2020 - InfoSecurity

Cyber-attack Exposes Eye Clinic Patient Data - InfoSecurity

Defense supply chain vulnerabilities creating security gaps - Help Net Security

El fundador del antivirus McAfee, John McAfee, se suicida en una prisión de Barcelona - El Pais

Employee Privacy Gap Discovered - InfoSecurity

Gaming Industry Experiences 340% Spike in Web App Attacks - InfoSecurity

'Golpe do PIX agendado': entenda o boato que circula nas redes sociais - G1 Tecnologia

Healthcare giant Grupo Fleury hit by REvil ransomware attack - Bleeping Computer

IT leaders say cybersecurity funding being wasted on remote work support: survey - ZDNet

It’s time for companies to take a hard look at how they manage secrets - Help Net Security

LV ransomware operators repurposed a REvil binary to launch a new RaaS - Security Affairs

Microsoft warns: Now attackers are using a call centre to trick you into downloading ransomware - ZDNet

MITRE adds D3FEND defensive cybersecurity techniques to ATT&CK Framework - Security Affairs

MITRE unveils ATT&CK Workbench sharing tool and NSA-backed D3FEND - ZDNet

Mr. Double’s Operator Jailed - InfoSecurity

MyRepublic targets enterprise, cybersecurity markets in Singapore - ZDNet

Nearly 10% of SMB Defense Contractors Show Evidence of Compromise - InfoSecurity

NordVPN Completed Aggressive Security Audit by VerSprite With No Worrying Findings - TechNadu

Only 7% of security leaders are reporting to the CEO - Help Net Security

Pakistan-linked hackers targeted Indian power company with ReverseRat - The Hacker News

Patch Tor Browser Bug to Prevent Tracking of Your Online Activities - The Hacker News

PYSA ransomware backdoors education orgs using ChaChi malware - Bleeping Computer

Ransomware: entenda como o vírus é usado em extorsões e saiba como se proteger - G1 Tecnologia

Ransomware decreases as cybercriminals hit more lucrative targets - Help Net Security

Scammer arrested for phishing operation, sent 25,000 texts in a day - Bleeping Computer

Shame culture is the biggest roadblock to increasing security posture - Help Net Security

SonicWall finally fixed a flaw resulting from a partially patched 2020 zero-day - Security Affairs

The paradox of post-quantum crypto preparedness - Help Net Security

Tulsa warns of data breach after Conti ransomware leaks police citations - Bleeping Computer

VMware fixes authentication bypass in Carbon Black App Control - Bleeping Computer

22/06

76% of IT decision makers more vulnerable to mobile attacks than just a year ago - Help Net Security

A ransomware attack disrupted the IT network of the City of Liege - Security Affairs

Average time to fix critical cybersecurity vulnerabilities is 205 days: report - ZDNet

Best practices for IT teams to prevent ransomware attacks - Help Net Security

Biden is worried about cybersecurity. Japan says watch cartoons - ZDNet

Brave launches its privacy-focused no-tracking search engine - Bleeping Computer

Can blockchain and MPC technology protect the integrity of auctions? - Help Net Security

Cloud security skills in high demand - Help Net Security

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021 - Security Affairs

Driving network transformation with unified communications - Help Net Security

DroidMorph tool generates Android Malware Clones - Security Affairs

French Teens on Trial for Cyber-bullying - InfoSecurity

Hackers are trying to attack big companies. Small suppliers are the weakest link - ZDNet

Have we reached peak ransomware? How the internet's biggest security problem has grown and what happens next - ZDNet

Malicious PyPI packages hijack dev devices to mine cryptocurrency - Bleeping Computer

Mysterious ransomware payment traced to a sensual massage site - Bleeping Computer

NIST Publishes Ransomware Guidance - InfoSecurity

NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws - The Hacker News

Peloton's $3,000 treadmill now comes with surprise 'subscription fee' - Bleeping Computer

Peloton Tread owners now forced into monthly subscription after recall - Bleeping Computer

Por que o STJ descartou prints do WhatsApp Web como provas de crimes - G1 Tecnologia

Researchers from Adversa devised an attack technique, dubbed ADVERSARIAL OCTOPUS, against Facial Recognition systems - Security Affairs

Sistemas do Grupo Fleury caem; empresa diz que foi alvo de ataque hacker - G1 Tecnologia

SonicWall bug affecting 800K firewalls was only partially fixed - Bleeping Computer

South Australia splashes out on space, defence, and cybersecurity in 2021-22 Budget - ZDNet

Unpatched Flaw in Linux Pling Store Apps Could Lead to Supply-Chain Attacks - The Hacker News

USB-based malware is a growing concern for industrial firms, new Honeywell findings show - CYber Scoop

Zephyr RTOS fixes Bluetooth bugs that may lead to code execution - Bleeping Computer

Wormable bash DarkRadiation Ransomware targets Linux distros and docker containers- Security Affairs

Wormable DarkRadiation Ransomware Targets Linux and Docker Instances - The Hacker News

21/06

Agent Tesla RAT Returns in COVID-19 Vax Phish - ThreatPost

Amazon Prime Day - Beware of Phishing Deluge, Experts Warn - InfoSecurity

Beware! Connecting to This Wireless Network Can Break Your iPhone's Wi-Fi Feature - The Hacker News

Cybercriminals Increasingly Target Manufacturing, IP - Security Boulevard

Digital Health Agency says My Health Record risk mitigation work on-track - ZDNet

DroidMorph Shows Popular Android Antivirus Fail to Detect Cloned Malicious Apps - The Hacker News

Embrace integrations and automation as you build a security program - Help Net Security

Google will likely announce a new feature that will allow users to quickly locate their missing mobile devices - TDH

How do I select a virtual SOC solution for my business? - Help Net Security

How to rethink risks with new cloud deployments - Help Net Security

iPhone bug makes it easy for someone to break your Wi-Fi -- here's the fix and how to prevent it - ZDNet

Krebs on Ransomware - Security Boulevard

Labor Bill would force Aussie organisations to disclose when they pay ransoms - ZDNet

LockBit Returns to the Ransomware Space With the Launch of a New Affiliate Program - TechNadu

MI5 seized Boris Johnson’s phone over security risk fears - Security Affairs

More Data Stolen in January 2021 than in all of 2017 - Security Boulevard

Most organizations would pay in the event of a ransomware attack - Help Net Security

Multi-cloud transit enhances app experience but brings complexity and security challenges - Help Net Security

North Korean hacking group allegedly behind breach of South Korean nuclear institute - ZDNet

Norway blames China-linked APT31 for 2018 government hack - Security Affairs

NSA releases guidance for securing Unified Communications and VVoIP - Security Affairs

Nuclear Research Institute Breached by Suspected North Korean Hackers - InfoSecurity

Odisha Police Warns About a Rise in ‘Joker’ Malware Infections - TechNadu

Ohio Medicaid Provider Suffers Data Breach - InfoSecurity

Only 50% of WA government entities get a pass mark for infosec - ZDNet

Over 30,000 Fertility Clinic Patients Hit by Ransomware Data Breach - InfoSecurity

Poland: The leader of the PiS party blames Russia for the recent attacks - Security Affairs

Prominent defibrillator management tool exposed to remote attacks - HackRead

Scammers are impersonating the DarkSide ransomware gang - Help Net Security

UK Parliamentary Staffers Lost 96 Devices in Past Two Years - InfoSecurity

What is plaguing digital identities? - Help Net Security

YouTube Ripping Sites Under Pressure to Log User Data - TechNadu

20/06

Baby clothing giant Carter’s exposed trove of shoppers data -HackRead

Compensation uncertain for Vastaamo victims - Yle

Cybersecurity in the digital age has been compromised - Bolly Inside

Energy and Food Sectors being targeted by a phoney DarkSide ransomware gang - TDH

Fertility clinic discloses data breach exposing patient info - Bleeping Computer

Hackers Are Using Google Docs As A Platform For Yet Another Dangerous Phishing Attack - Digital Information World

Miami cruise operator Carnival discloses personal data breach, cyberattack - Financial World

New vigilante malware blocks people from watching or downloading pirated content - GRM Daily

NATO Adds Cyber Commitments, Potential Ransomware Response - Government Technology

Personal info of more than 500 patients taken during Farmington hospital data breach - Farmington Daily Times

Scammers Are Using Fake Devices to Steal Cryptocurrency Wallets - PC Magazine UK

Study Reveals the Startling Impact of Ransomware, 8 in 10 of Those Who Paid a Ransom Experienced Another Attack - Digital Information World

The problem with Joe Biden’s red line to Vladimir Putin on cyberattacks - Mint

This bug can permanently break iPhone WiFi connectivity - Security Affairs

Trickbot remains as top malware threat in the UAE - ITP Net

Why We Care About Cybersecurity Hygiene - Cyber Defense Magazine

Within a week, hackers gained access to 91 percent of compromised accounts and used them to send out massive credential phishing messages - Bolly Inside

Worst Hackers Avoid Attacking Eastern European Nations - Bolly Inside