NEWS: Março (21/03 - 27/03) - 12 Semana de 2021

Cybersecurity News !!! Hacking is a Lifestyle .....

27/03

Android Malware Posing as System Update Steals Sensitive Data - TechNadu

Apple releases emergency update for iPhones, iPads, and Apple Watch - ZDNet

Apple released out-of-band updates for a new Zero‑Day actively exploited - Security Affairs

Apple Releases Urgent Patch to Fix Zero-Day Under Active Exploitation - TechNadu

Demystifying Cyber Insurance to Enable Adoption - CISO Mag

New Android malware spies on you while posing as a System Update - Bleeping Computer

Shorter Release Windows and VOD Platforms Are Seriously Hurting Piracy - TechNadu

Watch Out! That Android System Update May Contain A Powerful Spyware - The Hacker News

26/03

70% of organizations recognize the importance of secure coding practices - Help Net Security

Alan Turing, WWII Cryptanalyst and Computer Pioneer, on New £50 Note - Security Boulevard

American Telcos Fix Their Systems to Prevent $16 SMS Hijacking - TechNadu

Apple fixes a iOS zero-day vulnerability actively used in attacks - Bleeping Computer

Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack - The Hacker News

Attack volume surged by 48% during the first year of the pandemic - Help Net Security

Boards still aren't taking cybersecurity seriously, warns new NCSC boss. That means everyone is at risk - ZDNet

Exchange Server attacks: Microsoft shares intelligence on post-compromise activities - ZDNet

FBI exposes weakness in Mamba ransomware, DiskCryptor - Bleeping Computer

Financial services and insurance faring better than most in the pandemic year - Help Net Security

German Parliament Bundestag targeted again by Russia-linked hackers - Security Affairs

German Parliament targeted again by Russian state hackers - Bleeping Computer

Google says ACCC's work on ad tech regulation could be at odds with Privacy Act - ZDNet

Google sets up Android group for future car keys, national ID, e-wallets - ZDNet

Hades ransomware gang targets big organizations in the US - Security Affairs

Hades ransomware operators are hunting big game in the US - ZDNet

Imperva Observes Hive of Activity Following Hafnium Microsoft Exchange Disclosures - Security Boulevard

Microsoft: Black Kingdom ransomware group hacked 1.5K Exchange servers - Bleeping Computer

Microsoft releases Windows 10 SSU to fix security update issue - Bleeping Computer

New 5G Flaw Exposes Priority Networks to Location Tracking and Other Attacks - The Hacker News

New Details on Astoria Company Hack Emerge - Security Boulevard

OpenSSL Just Fixed Two High-Severity Easy-to-Find Flaws - TechNadu

OpenSSL Releases Patches for 2 High-Severity Security Vulnerabilities - The Hacker News

Phished Healthcare Provider Takes Legal Action Against Amazon - InfoSecurity

Ransomware gang urges victims’ customers to demand a ransom payment - Bleeping Computer

Services Australia reported 20 security incidents to the ACSC in 2019-20 - ZDNet

SolarWinds patches critical code execution bug in Orion Platform - Bleeping Computer

The ‘Mamba’ Ransomware Can Be Unlocked, Says FBI - TechNadu

The war against the virus also fueling a war against digital fraud - Help Net Security

The Week in Ransomware - March 26th 2021 - Attacks increase - Bleeping Computer

UK Security Chief: CEOs Must Get Closer to Their CISOs - InfoSecurity

What is a VPN and why do you need one? Everything you have to know - ZDNet

With more than 400,000 crypto scams created in 2020, increase of 75% predicted for 2021 - Help Net Security

25/03

Challenges and benefits of using threat data feeds - Help Net Security

Cloudflare launches Page Shield to thwart Magecart card skimming attacks - ZDNet

Cloudflare Page Shield: Early warning system for malicious scripts - Bleeping Computer

Continued WAN and application growth resulting in network complexity - Help Net Security

Distributed and remote work creating a perfect storm for network security teams - Help Net Security

Four out of five companies say they've spotted this cyber-attack. Plenty still fall victim to it - ZDNet

Microsoft offers rewards for security bugs in Microsoft Teams - Help Net Security

Microsoft Teams now has its own bug bounties for researchers who can spot security flaws - ZDNet

Severe vulnerabilities patched in Facebook for WordPress Plugin - ZDNet

The good and the bad with Chrome web browser's new security defaults - ZDNet

This company was hit by ransomware. Here's what they did next, and why they didn't pay up - ZDNet

University students refunded for false ads touting job opportunities with Microsoft, Twitter - ZDNet

Using memory encryption in web applications to help reduce the risk of Spectre attacks - Help Net Security

Windows 10 ISO installs may fail to replace Microsoft Edge Legacy - Bleeping Computer

24/03

92% of worldwide Microsoft Exchange IPs are now patched or mitigated - Security Affairs

A day before elections, hackers leaked details of millions of Israeli voters - Security Affairs

AEC confident in its security posture with external audits not welcome - ZD Net

Apple has a problem with ProtonVPN wanting to challenge governments - ZD Net

Billions of FBS Records Exposed in Online Trading Broker Data Leak - Security Affairs

Billions of Records Belonging to an Online Trading Broker Have Been Leaked - TechNadu

Black Kingdom ransomware is targeting Microsoft Exchange servers - Security Affairs

Breach at California State Controller's Office - InfoSecurity

Cybersecurity awareness is too often a part-time effort - Help Net Security

Drug Maker to Pay $50m for Destroying Data - InfoSecurity

Firefox 87 launch packed with private browsing 'SmartBlock' - ZD Net

Google removes privacy-focused ClearURLs Chrome extension - Bleeping Computer

Hidden areas of security and the future of hybrid working - Help Net Security

Hundreds of fleeceware apps earn dubious iOS, Android developers over $400 million - ZD Net

(IN)SECURE Magazine issue 68 released - Help Net Security

IT leaders adapting to new challenges by prioritizing collaboration, cloud and security - Help Net Security

Microsoft: 92% of vulnerable Exchange servers are now patched, mitigated - ZD Net

NIST Password Guidelines 2021: Challenging Traditional Password Management - Security Boulevard

Preventing Cyberattacks on Water Infrastructure - Security Boulevard

Proton Founder Accuses Apple of “Giving in to Tyrants” - InfoSecurity

Purple Fox malware evolves to propagate across Windows machines - ZD Net

Purple Fox Malware Targets Windows Machines With New Worm Capabilities - ThreatPost

Remote workers admit to playing a significant part in increasing their company’s cybersecurity risks - Help Net Security

Researcher Finds Trouble for Responsibly Disclosing Data Leak - TechNadu

Resentful employee deletes 1,200 Microsoft Office 365 accounts, gets prison - Bleeping Computer

SaltStack revises partial patch for command injection, privilege escalation vulnerability - ZD Net

Sierra Wireless Halts Production After Ransomware Attack - InfoSecurity

Total combined fraud losses climbed to $56 billion in 2020d - Help Net Security

23/03

80% of security leaders would like more control over their API security - Help Net Security

A year on from the home working surge, cybersecurity practices are still inadequate - Beta News

CD Projekt Red Game Data to be Sold in ‘Charity’ Auction - Digit

Cloudflare debuts zero-trust browsing service for remote enterprise workforce - ZD Net

CNA insurance firm hit by a cyberattack, operations impacted - Bleeping Computer

CSAE: Guiding principles and best practices for data scientific investigations of organized crime - Help Net Security

Cybercrime Incidents Has Increased by 125% in 2020. $13.3bn Lost in 5 Years - TechNext

Data breaches and network outages: A real and growing cost for the healthcare industry - Help Net Security

Debt-chasing UK councils potentially expose private resident data - ZD Net

Disrupting the Cybercriminal Supply Chain - Dark Reading

Eastern Health limping back to normal, ransomware may be cause - ITWire

Fake 'McDonald's CEO' nearly scams restaurant of $4,000 - Toronto Sun

GB News channel targeted by ‘elaborate LinkedIn phishing attack’ ahead of launch - I News

Hackers claim attack on Oklahoma company, state agency - The Oklahoman

Hairdresser suing breast enlargement clinic due to 'stress' over 'cyber attack' - Express UK

Healthcare data breach fears raised as US orthopedic clinic admits leaving patient records on insecure server - The Daily Swig

High-availability server maker Stratus hit by ransomware - Bleeping Computer

How remote working still poses security risks for organizations - TechRepublic

IT admin with axe to grind sent to prison for wiping Microsoft user accounts - ZD Net

MangaDex Hacked and User Data Stolen by Actors - TechNadu

MangaDex Site Could Be Offline for Weeks After Attack - InfoSecurity

National Cyber Security Centre warns of increased ransomware attacks on education sector - Education Technology

Oil giant Shell discloses data breach linked to Accellion FTA vulnerability - ZD Net

Phish Leads to Breach at California State Controller - KrebsOnSecurity

Phishing, Malware Scams Target U.S. Taxpayers - MSSP Alerts

Privacy Commissioner wants more protections for individuals in Data Availability Bill - ZD Net

Protecting Your Data Lake Requires a New Mindset - Inside BigData

Ransomware attack halts production at IoT maker Sierra Wireless - ZD Net

Ransomware attack shuts down Sierra Wireless IoT maker - Bleeping Computer

Ransomware Extortion Threat Actors Post Data from 4 Healthcare Entities - Health IT Security

Ransomware gang leaks data stolen from Colorado, Miami universities - Bleeping Computer

Security in Gaming - Invision Community

Shell Latest to Fall to Accellion FTA Exploits - InfoSecurity

Tackling cross-site request forgery (CSRF) on company websites - Help Net Security

Three billion phishing emails are sent every day. But one change could make life much harder for scammers - ZD Net

UK Tax Service Exposed Thousands Through Careless Bulk SMS Operation - TechNadu

Why DDI technology is fundamental for multicloud success - Help Net Security

22/03

Adobe addresses a critical vulnerability in ColdFusion product - Security Affairs

API security becomes a ‘top’ priority for enterprise players - ZD Net

China takes aim at ‘spying’ Tesla cars, bans military staff use - ZD Net

Compliance department spending plateaued in 2020 - Help Net Security

Critical code execution vulnerability fixed in Adobe ColdFusion - Bleeping Computer

Critical RCE Vulnerability Found in Apache OFBiz ERP Software—Patch Now - The Hacker News

Cybercriminals capitalizing on our reliance on the cloud - Help Net Security

Data protection challenges hinder digital transformation initiatives - Help Net Security

Energy giant Shell discloses data breach after Accellion hack - Bleeping Computer

How to stay ahead of the rise of synthetic fraud - Help Net Security

Microsoft Exchange Server attacks: 'They're being hacked faster than we can count', says security company - ZD Net

Microsoft Exchange servers now targeted by BlackKingdom ransomware - Bleeping Computer

Microsoft shares workaround for 0xc004c003 Windows 10 activation errors - Bleeping Computer

Mozilla Firefox adopts new privacy-enhancing Referrer Policy - Bleeping Computer

Mozilla Firefox tweaks Referrer Policy to shore up user privacy - ZD Net

Phishers’ perfect targets: Employees getting back to the office - Help Net Security

Popular Netop Remote Learning Software Found Vulnerable to Hacking - The Hacker News

Rapid increase in security tools causing alert fatigue and burn out - Help Net Security

SavvyShares compensates consumers for access to their data - ZD Net

Seguro contra ciberataques dispara no Brasil com LGPD e megavazamentos - Exame

Synnex anuncia fusão com Tech Data em negócio de US$ 7,2 bilhões - Money Times

The financial impact of cybersecurity vulnerabilities on credit unions - Help Net Security

21/03

Australian Ministers Are Targets in Telegram Phishing Scam - Bloomberg

Chinese attack group seeking information about technologies connected to 5G - Israel Defense

Cybercrime In Spain Has Risen By 300% During The Pandemic - EuroWeekly

Huge increase in Royal Mail and DPD scams in the past year - DosetEcho

Is Subway Offering $55 Gift Cards on Facebook for its Anniversary? - Snopes

Microsoft Defender Can Now Automatically Prevent Exchange Server Exploits - Make Use Of

New Malware For macOS Rose To Shocking Numbers In 2020 - Digital Information World

Russian man admits ransomware plot against Tesla in Nevada - Hindu Tech

The Peculiar Ransomware Piggybacking Off of China’s Big Hack - Wired