NEWS: Novembro / Dezembro (28/11 - 04/12) - 48 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!

04/12

Cybercrimes on the up, with SA annually losing about R2.2 billion - IOL

Darktrace Reports 30% More Ransomware Attacks Targeting Organizations During The Holiday Period - Indian Web 2

Data leak of personal employee info least disclosed type of breach: Report - The Hindu Business Line

How a Small Email Phish Can Become a Million Rand Ransom - IT News Africa

How to Practice Online Safety: Tips and Tricks in 2021 - Beebom

Improve Your Security Strategy: The Rise of Ransomware - Best Gamingpro

Malicious KMSPico installers steal your cryptocurrency wallets - Bleeping Computer

Nepal unveils plan to regulate Internet of Things, machine to machine communication - Ahmedabad Mirror

Online shoppers to be targeted by cybercriminals this festive season as Christmas shopping season underway, experts warn - IOL

Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats - The Hacker News

Spain: The National Police warns CaixaBank is being used again to steal your data - News Trace

We know who is attacking us and we know how to get even, says Israel's cyber defense chief - Kake

03/12

APTs Adopting New Phishing Methods to Drop Payload - BankInfo Security

Are your PLCs an easy target? A mindset shift can significantly reduce PLC firmware vulnerabilities - Process and Control Today

Blundering NHS says sorry after sharing patients' email addresses - Stoke Sentinel

Building new relevance in managed security will be key to channel success in 2022 - Reseller News

Cryptocurrency Scams: 5 Ways to Spot, Avoid and Protect - Analytics Insight

Cyber fraud fears rise towards festive season - CajNews Africa

Darktrace reports 30% more ransomware attacks targeting organisations during the holiday period - Cambridge Network

Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077) - Help Net Security

Fake support agents call victims to install Android banking malware - Bleeping Computer

FBI: Cuba ransomware breached 49 US critical infrastructure orgs - Bleeping Computer

FBI warning: Hackers are targeting this flaw in Zoho ManageEngine ServiceDesk Plus - ZDNet

Firewalls and Security Protocols Alone Cannot Keep Hackers Out - InfoSecurity Magazine

How MFA Can Help Prevent Data Breaches - Security Boulevard

How to avoid being a hacker's next target: Don't overshare information on business social media - TechRepublic

It's a truly cruel scam. Here's the dramatic way Google is trying to stop it - ZDNet

Major trends in online identity verification for 2022 - Help Net Security

Massachusetts Registry of Motor Vehicles warns about phishing scam - 10 WJAR

Misconfigured Database Leaks Info on 150K E-commerce Buyers - InfoSecurity Magazine

New Malvertising Campaigns Spreading Backdoors, Malicious Chrome Extensions - The Hacker News

New Payment Data Stealing Malware Hides in Nginx Process on Linux Servers - The Hacker News

Omicron Phishing Campaign Hits User Inboxes - InfoSecurity Magazine

Password-stealing and keylogging malware is being spread through fake downloads - ZDNet

Phishing kits’ favorite brand? Amazon - Help Net Security

Researchers Detail How Pakistani Hackers Targeting Indian and Afghan Governments - The Hacker News

Researchers discover 14 new data-stealing web browser attacks - Bleeping Computer

SMS firewall revenue to reach $4.1 billion in 2026 - Help Net Security

Tardigrade Malware Poses Unprecedented Threat to Biomanufacturers - Health IT Security

There's been a big jump in crooks selling access to hacked networks. Ransomware gangs are their best customers - ZDNet

This password-stealing and keylogging malware is being spread through fake software downloads - ZDNet

Threat actors stole $120 M in crypto from BadgerDAO DeFi platform - Security Affairs

Tor2Mine cryptominer has evolved: Just patching and cleaning the system won’t help - Help Net Security

Twitter and Meta Tackle Anti-Vaxxers and Chinese Disinformation - InfoSecurity Magazine

Watch out for Omicron COVID-19-themed phishing messages! - Security Affairs

What to Look For in an MDR Provider - Security Boulevard

Why Everyone Needs to Take the Latest CISA Directive Seriously - The Hacker News

Widespread Threats Target Automotive Companies - Security Boulevard

02/12

AWS SageMaker Notebook Takeover Vulnerability - Security Boulevard

CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability - The Hacker News

Colorado energy company loses 25 years of data after cyberattack, still rebuilding network - ZDNet

Config error left 190 Australian organisations open to phishing attacks - ITNews

Cyber-Attack on Planned Parenthood - InfoSecurity Magazine

DHS: Cybersecurity coordinators and vulnerability assessments mandatory for rail companies - ZDNet

Double Extortion Ransomware Victims Soar 935% - InfoSecurity Magazine

Europol arrested 1800 money mules as part of an anti-money-laundering operation - Security Affairs

Federal government refreshes digital transformation strategy and expands cyber hub trial - ZDNet

How phishing kits are enabling a new legion of pro phishers - Help Net Security

How to Outplay the Ransomware Playbook - Security Boulevard

Malware variants in 2021: Harder to detect and respond to - Help Net Security

Meta Expands Facebook Protect Program to Activists, Journalists, Government Officials - The Hacker News

Meta expanding Facebook security program for government officials, journalists, activists - ZDNet

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library - Security Affairs

New malware hides as legit nginx process on e-commerce servers - Bleeping Computer

Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling - Help Net Security

Over 4 Mn Payment Card Details Hawked on Dark Web - CISO Mag

Phishing Scam Targets Military Families - InfoSecurity Magazine

Planned Parenthood LA: Ransomware attack leaks health data of 400,000 patients - ZDNet

Police Arrest 1800 in Major Money Laundering Crackdown - InfoSecurity Magazine

Railway cyber risk management: Raising awareness on relevant threats - Help Net Security

Ransomware and fleeceware among the top threats of 2021 - Express Computer

Researches Detail 17 Malicious Frameworks Used to Attack Air-Gapped Networks - The Hacker News

Russian Bulletproof Hosting Kingpin Gets Five Years - InfoSecurity Magazine

Security Hygiene, Posture Management Remain Challenging - Security Boulevard

Shopping online? FBI says beware of these holiday scams and phishing threats - ZDNet

The importance of vulnerability management for your organization - Help Net Security

Twitter removes another 3,000 state-backed accounts linked to six countries - ZDNet

01/12

300.000+ users downloaded malware droppers from Google Play - Help Net Security

AI/ML Powered Automation: The Future of Cybersecurity at Scale - Security Boulevard

Alarming rise in cyberattacks against healthcare facilities, 68 attacks in Q3 2021 only - Help Net Security

Amazon Web Services, CrowdStrike and Presidio partner for ransomware mitigation kit - ZDNet

API security awareness: The first step to better assessing the risk - Help Net Security

Control failures are behind a growing number of cybersecurity incidents - Help Net Security

Dell Allies with AWS to Protect Data - Security Boulevard

Despite the popularity of password managers, many still use pen and paper - Help Net Security

Development of Corporate Applications Based on Artificial Intelligence - HackRead

DNA testing service data breach impacting 2.1 million users - HackRead

Europol: 18k money mules caught laundering money from online fraud - Bleeping Computer

FBI training document shows lawful access to multiple encrypted messaging apps - Security Affairs

Hackers Increasingly Using RTF Template Injection Technique in Phishing Attacks - The Hacker News

Hacker Jailed for Stealing Millions of Dollars in Cryptocurrencies by SIM Hijacking - The Hacker News

How to Proactively Remove File-Based Malware - Security Boulevard

HP Printer Hijack Bugs Impact 150 Models - InfoSecurity Magazine

Improving Cybersecurity With MITRE ATT&CK Framework - Security Boulevard

Is the Market for Hardware Security Appliances Doomed? - Security Boulevard

MI6 Boss: Digital Attack Surface Growing "Exponentially" - InfoSecurity Magazine

Malicious Android app steals Malaysian bank credentials, MFA codes - Bleeping Computer

Microsoft Exchange servers hacked to deploy BlackByte ransomware - Bleeping Computer

Microsoft fixes installation issues in new Windows 11 dev build - Bleeping Computer

Most Brazilian businesses set to boost cybersecurity spend in 2022 - ZDNet

Mozilla fixes critical bug in cross-platform cryptography library - Bleeping Computer

New Babadeda Crypter Geared Towards the Crypto and NFT Communities - The Digital Hacker

New EwDoor Botnet Targeting Unpatched AT&T Network Edge Devices - The Hacker News

New RTF Template Inject technique used by APT groups in recent attacks - Security Affairs

Organizations Now Have 76 Security Tools to Manage - InfoSecurity Magazine

Panasonic Concurs Breach Due to Third-Party Access to its File Server - CISO Mag

Sabbath Ransomware target critical infrastructure in the US and Canada - Security Affairs

State-backed hackers increasingly use RTF injection for phishing - Bleeping Computer

The ripple effect: Why protection against supply chain attacks is a must - Help Net Security

These researchers wanted to test cloud security. They were shocked by what they found - ZDNet

TrickBot Checks Screen Resolution to Avoid Detection with a twist - The Digital Hacker

Twitter to Remove Private Media - InfoSecurity Magazine

U.K. Govt. Fines Clearview $22.6 Mn Over Privacy Violations - CISO Mag

VirusTotal Collections allows enhancing the sharing of Indicators of Compromise (IoCs) - Security Affairs

VirusTotal Collections feature helps keep neat IoC lists - Bleeping Computer

VMware's Carbon Black offers more analyst assistance to respond to attacks - ZDNet

Without Consent, Twitter prohibits users from sharing personal photos and videos of others - The Digital Hacker

30/11

4 Android banking trojans infected over 300,000 devices via Google Play - The Digital Hacker

4 Android banking trojans were spread via Google Play infecting 300.000+ devices - Security Affairs

8-year-old HP printer vulnerability affects 150 printer models - Bleeping Computer

300,000 Android users impacted by malware apps on Play Store - HackRead

Aviatrix Adds Security Capabilities to Cloud Management Platform - Security Boulevard

Black Friday 2021, a great opportunity for hackers to carry out their criminal activities - The Digital Hacker

Critical Wormable Security Flaw Found in Several HP Printer Models - The Hacker News

Cyberattacks in 2021 Highlighted Critical Infrastructure Risks - Security Boulevard

Cyber Essentials Set for Major Update in 2022 - InfoSecurity Magazine

Dark web market Cannazon shuts down after massive DDoS attack - Bleeping Computer

DNA testing firm discloses data breach affecting 2.1 million people - Bleeping Computer

Ecommerce retailers facing a 350% increase in fraudulent online orders - Help Net Security

Google warned its users; cryptocurrency miners using hacked cloud accounts - The Digital Hacker

Hackers could steal encrypted data now and crack it with quantum computers later, warns analysts - ZDNet

How to combat ransomware with visibility - Help Net Security

Implications of strengthening the cybersecurity of small business in America - Help Net Security

Kentucky Energy and Environment Cabinet announces data security breach - Data Breaches Net

Manufacturing Industry Is the Second Most Affected by Ransomware - Quality Digest

Massive online crime crackdown leads to 1,000 arrests - Help Net Security

Most challenging security threats for CTOs - Help Net Security

New Linux malware found a new place to hide itself - The Digital Hacker

Panasonic suffers a data breach when hackers breach its network - The Digital Hacker

Panasonic Suffers Data Breach After Hackers Hack Into Its Network - The Hacker News

Patching takes 2.5 times longer when endpoints are remotes - Help Net Security

Police Set for Record Haul in Anti-Card Fraud Operation - InfoSecurity Magazine

Printing Shellz: Critical bugs impacting 150 HP printer models patched - ZDNet

Ransomware Group Rebrands Multiple Times to Evade Detection - InfoSecurity Magazine

Searching for Bugs in Open Source Code - Security Boulevard

Security for IoT Networks Needs to Reflect an OT Mindset - Security Boulevard

Spy chief's warning: Our foes are now 'pouring money' into quantum computing and AI - ZDNet

Twitter Bans Users From Posting 'Private Media' Without a Person's Consent - The Hacker News

UK and Israel Pledge Greater Cooperation in Cybersecurity - InfoSecurity Magazine

Unpatched Microsoft Exchange Servers abused in new phishing campaign - HackRead

Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS - The Hacker News

WIRTE Hacker Group Targets Government, Law, Financial Entities in Middle East - The Hacker News

Yanluowang ransomware operation matures with experienced affiliates - Bleeping Computer

29/11

4 Android Banking Trojan Campaigns Targeted Over 300,000 Devices in 2021 - The Hacker News

5 High-Risk Vulnerabilities In E-Commerce Applications - Security Boulevard

82% of IT leaders looking to cloud for critical mainframe applications to remain competitive - Help Net Security

1,000 arrests made in online fraud crackdown, says Interpol - ZDNet

Addressing the cybersecurity skills gap with higher education - Help Net Security

An Ounce of Segmentation Is Worth a Pound of Ransomware Cure - Channel Future

Apex Brasil sofre ataque de hacker - Metropoles

APT37 targets journalists with Chinotto multi-platform malware - Bleeping Computer

Attackers exploiting Windows Installer vulnerability despite patching - HackRead

Bay Village school district accidentally releases seniors' personal info, including grades, to all families - News 5 Cleveland

Behavioral biometrics: A promising tool for enhancing public safety - Help Net Security

Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition - Security Affairs

Butler County Community College closes for 2 days after cyberattack - Pittsburgh Post-Gazette

Cyber-attack on Ikea - Retail Detail

Cybercriminals: Frenemies China, Russia, North Korea - Security Boulevard

Cybersecurity graduates are doubling, but that's still not going to fix the skills crisis - ZDNet

Cyber Security Predictions for 2022 - Security Boulevard

Data Breach at Panasonic - InfoSecurity Magazine

Debunking Myths About CMMC 2.0 - Security Boulevard

DVLA scam warning as fraudsters target motorists with phishing emails and texts - Daily Record

ETHS Defrauded Of $48,570 In Hack That Exposed 1,139 Identities - Patch Illinois

Five alarming cyber predictions - Professional Security Magazine Online

Former Northwell hospital employee charged with HIPAA violation for snooping 13,000 patient EHRs - Becker's Health IT

Google says people are hacking cloud accounts to mine cryptocurrency - Metro

Hackers Using Compromised Google Cloud Accounts to Mine Cryptocurrency - The Hacker News

Highland Village targeted in phishing attack - The Cross Timbers Gazette

Hospital cyber-attacks are the new pandemic; here’s the cure - Jewish News Syndicate

Ikea email systems bombarded by phishing attacks - TechRadar Pro

Israel Blamed for Crippling Attack on Iranian Gas Stations - InfoSecurity Magazine

Israel cut cyber export list, excluding totalitarian regimes - Security Affairs

Lewis and Clark Cyberattack: Community College Ransomware Recovery Updates - MSSP Alert

Mid-market IT leadership top 2022 objective: Strengthening security - Help Net Security

Nadra’s data breach a national security threat - International The News

New Chinotto Spyware Targets North Korean Defectors, Human Rights Activists - The Hacker News

Over 300,000 Android users have downloaded these banking trojan malware apps, say security researchers - ZDNet

Panasonic confirms data breach after hackers access internal network - Tech Crunch

Patients File Lawsuits in Wake of Healthcare Data Breaches - Health IT Security

Phishing attacks top 260,000 in Q3 2021 - Help Net Security

Putting the “sec” in DevSecOps: An overall reduction of risk - Help Net Security

Queensland government energy generator hit by ransomware - ZDNet

Ransomware Attack Affects over 2300 Sonoma County Clients - KSRO

Ransomware teaches us the importance of data protection - Computer Weekly

Rapid Money Laundering Response Helps Intercept $27m - InfoSecurity Magazine

Sabbath hackers are targeting US schools and hospitals - ITPro

Securing Corporate Philanthropy on Giving Tuesday - Security Boulevard

Stealthy WIRTE hackers target governments in the Middle East - Bleeping Computer

The True Cost Of Rising Cyber Threats, According To A Cybersecurity CFO - Forbes

Two Drug Dealers Get 18 Years Following EncroChat Bust - InfoSecurity Magazine

Vestas ‘close to normal’ after ransomware attack - ReNews

28/11

0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day - Security Affairs

DEFCON 29 IoT Village – Amit Elazari’s, Anahit Tarkhanyan’s And Rita Cheruvu’s ‘Establishing IoT Trustworthiness’ - Security Boulevard

DEFCON 29 IoT Village – Cheryl Biswas’ ‘Mind The Gap: Managing Insecurity In Enterprise IoT’ - Security Boulevard

French court indicted Nexa Technologies for complicity in acts of torture - Security Affairs

Google security report reveals, compromised cloud instances used for crypto mining - AMB Crypto

Hadera hospital back to work over month after cyberattack - The Times Of Israel

Interpol Arrests Over 1,000 Cyber Criminals From 20 Countries; Seizes $27 Million - The Hacker News

Jamaica: Data security in an advanced world - The Gleaner

Library officials recount actions in wake of cybersecurity incident - The Blade

Millions of Android phones infected by dangerous malware, these phones are at risk - Express

North Korea-linked Zinc group posed as Samsung recruiters to target security firms - Security Affairs

Proactively Securing Your Enterprise Cloud - Security Boulevard

Proactively Securing Your Enterprise Cloud - HolistiCyber

RATDispenser, a new stealthy JavaScript loader used to distribute RATs - Security Affairs

Study Reveals Cybersecurity Threats Across Microsoft Windows OS In 2021 Have Reached Over 100 Million - Digital Information World

Targeted cyberattacks on cryptocurrency industry to rise in 2022: Report - The Hindu Business Line

Telcos to get expanded scam-blocking powers through telecommunications law amendment - ZDNet

The Canadian lab that exposed a critical flaw that left Apple devices vulnerable - National Post

Will Artificial Intelligence Help or Hurt Cyber Defense? - Government Technology

NEWS: Novembro (21/11 - 27/11) - 47 Semana de 2021