NEWS: Outubro (17/10 - 23/10) - 42 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!!

23/10

Chico State graduate charged in data breach; professor cleared - The Orion

Connected home devices posing more hacking risks for Indian firms - Sify

Corry School District says ransomware attack may have exposed data on staff, students - GoErie

Facebook Sues Ukrainian Hacker Who Stole Millions of Sensitive User Details From Messenger - TechNadu

Ferrara Ransomware Attack: A US candy company struggles to keep up with demand after hackers encrypt its systems - Brinkwire

How to protect yourself from phishing attacks: Top online banking tips - Hindu Times

Human Hacking and Multi-Channel Phishing is Surging - Slash Next

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks - The Hacker News

Popular NPM library hijacked to install password-stealers, miners - Bleeping Computer

Ransomware Attacks Perpetrated via Vulnerability in BillQuick Billing Software - TechNadu

Report: Over 3 Million Email Addresses of CoinMarketCap Users Leaked - Crypto Potato

Russian Drivers' Personal Data Available Online for Less than the Price of an iPhone - Auto Evolution

Windows ransomware gang moves earnings, others slam US after REvil takedown - ITWire

22/10

3 Million CoinMarketCap Email Addresses Have Leaked - Crypto Briefing

6.8M in Bitcoin held by DarkSide ransomware group on the move - Invezz

27 Unique Malware Deliverables Discovered from Discord CDN Abuse - TechNadu

A Trojan Can Ruin Your Online Shopping Experience - Flux

Attack that is blocking CBS shows like 'Jeopardy!' What is, Russian ransomware? - The Gainesville Sun

Candy production impacted by ransomware attack - Forest Park Review

Cisco SD-WAN Security Bug Allows Root Code Execution - Threatpost

Countries agree to 'urgent action' on ransomware, but issue few specifics - Saskatoon StarPhoenix

Cybersecurity threats challenge K-12 schools’ resilience and preparedness - Security Infowatch

DarkSide ransomware rushes to cash out $7 million in Bitcoin - Bleeping Computer

DNS attacks are targeting more businesses than ever - Techradar Pro

Embracing secure hybrid work with four foundational IT controls - Help Net Security

Ex-carrier employee sentenced for role in SIM-swapping scheme - ZDNet

Federal agencies issue ransomware alert related to ag - Farms Com

Ferrara Hit With Ransomware Attack - Food processing

FIN7 Bolsters Ransomware Threats With New Recruits - TechNadu

FIN7 Sets Up Fake Pentesting Company Site to Recruit Talent - GovInfo Security

FinCEN Reports Spiraling SARs Relating to Ransomware - JD Supra

Groove ransomware calls on all extortion gangs to attack US interests - Bleeping Computer

Hackers Exploit Flaw In BQE Software’s Billing System To Deploy Ransomware: Huntress - CRN

Halloween Horror-Show for Candy-Maker Hit by Ransomware - InfoSecurity Magazine

Illinois candy giant hit with ransomware weeks before Halloween - ZDNet

Italian celebs' data exposed in ransomware attack on SIAE - Bleeping Computer

Many Canadian firms knuckle under to ransomware demands, survey suggests - Leader Post

Missouri Officials: Teacher Information Data Breach to Cost $50M Outline - Insurance Journal

My Health Record imaging services security failed ADHA password standards - ZDNet

Over 35,000 citizen data at stake as digital marketing agency Fimmick attacked by ransomware - Marketing Interactive

Phishing Tackle releases Smishing-as-a-Service to reduce the risk of text message phishing - Help Net Security

Ransomware Gang Built A Fake Cybersecurity Start-Up To Recruit Unwitting IT Specialists - Hot Hardware

REvil ransomware group hacked by multiple governments – reports - Verdict

SCUF Gaming store hacked to steal credit card info of 32,000 customers - Bleeping Computer

Sinclair Staffers Say Company in Disarray 5 Days After Ransomware Attack (Report) - The Wrap

The Biggest Cyber-Threat Isn't Hackers, It's Insider Threats - InfoSecurity Magazine

The Tokyo 2020 Olympics saw how many attempted cyber attacks? - Government Technology

Unhappy customers and their own tricks used against them, REvil ransomware gang reportedly pulled offline by 'multi-country' operations - The Register

21/10

Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer - The Hacker News- The Hacker News

Data Scrapers Expose 2.6 Million Instagram and TikTok Users - InfoSecurity Magazine

Fraud never sleeps: Why biometrics is essential for effective fraud prevention - Help Net Security

Google disrupts massive phishing and malware campaign - ZDNet

Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts - The Hacker News

How do I select a GRC solution for my business? - Help Net Security

Increased activity surrounding stolen data on the dark web - Help Net Security

Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices - The Hacker News

Many organizations lack basic cyber hygiene despite high confidence in their cyber defenses - Help Net Security

Palo Alto warns of BEC-as-a-service - ZDNet

Siloed security data hamper the ability to achieve collective defense - Help Net Security

Smartphone counterespionage for travelers - Help Net Security

Threat Actors Abusing Discord to Spread Malware - InfoSecurity Magazine

U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes - The Hacker News

US judge sentences duo for roles in running bulletproof hosting service - ZDNet

US to Ban Export of Hacking Tools to Authoritarian States - InfoSecurity Magazine

20/10

81% of UK Healthcare Organizations Hit by Ransomware in Last Year - InfoSecurity Magazine

Attack surface larger than ever as organizations shift to remote and hybrid work - Help Net Security

Black market traders cash in on fake COVID-19 vaccination records - ZDNet

Companies Failing to Protect Domain Registrations - Security Boulevard

Five game-changing factors for companies dealing with ransomware attacks - Help Net Security

Hackers are disguising their malicious JavaScript code with a hard-to-beat trick - ZDNet

LightBasin Hackers Breach at Least 13 Telecom Service Providers Since 2019 - The Hacker News

LightBasin Operation Compromises 13 Global Telcos in Two Years - InfoSecurity Magazine

Members of at least two health insurance plans notified of ransomware attack on PracticeMax - DataBreaches Net

Microsoft, Intel and Goldman Sachs Team Up For New Supply Chain Security Initiative - InfoSecurity Magazine

Microsoft launches Privacy Management for Microsoft 365 - Help Net Security

Microsoft Warns of New Security Flaw Affecting Surface Pro 3 Devices - The Hacker News

Mobile application security guide, from development to operations - Help Net Security

New Linux kernel memory corruption bug causes full system compromise - HackRead

Organizations lack basic cybersecurity practices to combat the growing tide of ransomware - Help Net Security

OWASP's 2021 List Shuffle: A New Battle Plan and Primary Foe - The Hacker News

Security, remote work support top concerns amongst firms - ZDNet

Supply chain attacks are the hacker's new favourite weapon. And the threat is getting bigger - ZDNet

Twitter Pulls Account After Argentinian Mega Breach Claims - InfoSecurity Magazine

Zerodium is looking for zero-day exploits in ExpressVPN, NordVPN, and Surfshark Windows VPN clients - Security Affairs

What are the post-pandemic security concerns for IT pros? - Help Net Security

19/10

83% of Ransomware Victims Pay the Demand - InfoSecurity Magazine

A New Variant of FlawedGrace Spreading Through Mass Email Campaigns - The Hacker News

ACE takes down Electro TV Sat pirate streaming service - Bleeping Computer

Apple iCloud Hacker Steals Nudes - InfoSecurity Magazine

BlackByte Ransomware Decryptor Released for Free - TechNadu

BlackMatter ransomware gang will target agriculture for its next harvest – Uncle Sam - The Register

Bots to become the future of work and provide ROI to organizations using them - Help Net Security

Compliance does not equal security - Help Net Security

Data Breach Hits US Dental Patients - InfoSecurity Magazine

FBI, CISA, NSA published a joint advisory on BlackMatter ransomware operations - Security Affairs

FCC mulls over new rules demanding carriers block spam robot texts at network level - ZDNet

Forrester report suggests Imperva Data Protection delivers high value and rapid ROI - Security Boulevard

Government Gunning for Cryptocurrency—Uses Ransomware as Pretext - Security Boulevard

How Your Organization Can Prevent Data Breaches - Security Boulevard

Michigan Man Got a 7-Year Sentence for Hacking UPMC HR Databases and Stealing PII - TechNadu

Microsoft fixes Surface Pro 3 TPM bypass with public exploit code - Bleeping Computer

Multi-factor authentications soar as enterprises move away from passwords to secure hybrid workers - Help Net Security

New Karma ransomware group likely a Nemty rebrand - Bleeping Computer

Prison for UPMC Data Thief - InfoSecurity Magazine

Recommendations for improving DEI in cybersecurity teams - Help Net Security

Secure your databases against opportunistic attackers - Help Net Security

Shared Responsibility Key to Protecting Critical Infrastructure - InfoSecurity Magazine

Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services - The Hacker News

Symantec uncovered a previously unknown nation-state actor, named Harvester, that targeted telcos - Security Affairs

The Challenge of Regulatory Compliance for Critical Infrastructure - Security Boulevard

The CISO’s guide to evaluating third-party security platforms - Help Net Security

Trustwave released a free decryptor for the BlackByte ransomware - Security Affairs

Twitter accounts linked to cyberattacks against security researchers suspended - ZDNet

UK in Midst of $200m Crypto Fraud Epidemic - InfoSecurity Magazine

US Authorities Issue BlackMatter Ransomware Alert - InfoSecurity Magazine

VPN Provider's Misconfiguration Exposes One Million Users - InfoSecurity Magazine

WFH is here to stay: Five tactics to improve security for remote teams - Help Net Security

18/10

Acer Hacked, the Private Data of Millions of Clients Stolen - TechNadu

Acer hit with second cyberattack in less than a week, Taiwanese authorities notified - ZDNet

Analyzing and implementing a national zero trust architecture - Help Net Security

Atento Infectada por Malware - Felipe Payão (Twitter)

Attackers Weaponizing Zero-Days at Record Pace - Security Boulevard

BEC attacks: Scammers’ latest tricks - Help Net Security

BlackByte ransomware decryptor released - ZDNet

Credit card PINs can be guessed even when covering the ATM pad - Bleeping Computer

Cyber-Attack on US TV Broadcaster - InfoSecurity Magazine

Cyber risk trends driving the surge in ransomware incidents - Help Net Security

Cybersecurity Experts Warn of a Rise in Lyceum Hacker Group Activities in Tunisia - The Hacker News

Cybersecurity Risk’s “New Math” - Security Boulevard

DEF CON 29 ICS Village – Mert Can Kilic’s ‘Do We Really Want To Live In The Cyberpunk World’ - Security Boulevard

Espionage Group ‘Harvester’ Uses New Tools to Target South Asia and Focuses on Afghanistan - TechNadu

Europol Warns of Major EU Recovery Fund Fraud - InfoSecurity Magazine

Facebook diz que mais reportagens com documentos vazados devem ser publicadas em breve - G1 Tecnologia

FBI, CISA, NSA share defense tips for BlackMatter ransomware attacks - Bleeping Computer

Fraud Victims Lose £9.3bn in Well-Being per Year - InfoSecurity Magazine

Gartner survey of CIOs highlights investments in AI, cloud and cybersecurity - ZDNet

Learning Framework For Detection of Novel Malware | Avast - Security Boulevard

Microsoft asks admins to patch PowerShell to fix WDAC bypass - Bleeping Computer

Most employees believe backing up company data is not their problem - Help Net Security

Over 30 Countries Pledge to Fight Ransomware Attacks in US-led Global Meeting - The Hacker News

Popular student monitoring software could have exposed thousands to hacks - Data Breaches Net

Prometheus endpoint unprotected installs could expose sensitive data - Security Affairs

Remote access security strategy under scrutiny as hybrid/remote working persists - Help Net Security

REvil ransomware operation shuts down once again - Security Affairs

Sinclair confirms ransomware attack after TV station disruptions - ZDNet

Sinclair TV Stations Disrupted After Possible Ransomware Attack - TechNadu

Sinclair TV stations downtime allegedly caused by a ransomware attack - Security Affairs

Sinclair TV stations crippled by weekend ransomware attack - Bleeping Computer

South Korea Wants Help to Arrest Alleged Cyber-Criminals - InfoSecurity Magazine

State-backed hackers breach telcos with custom malware - Bleeping Computer

Suspected Chinese hackers behind attacks on ten Israeli hospitals - Bleeping Computer

TeamTNT Deploys Malicious Docker Image On Docker Hub - Security Affairs

The importance of crisis management in the age of ransomware - Help Net Security

This new phishing attack features a weaponized Excel file - ZDNet

TikTok Serves Up Fresh Gamer Targets via Fake Among Us, Steam Offerings - Threatpost

Twitch: No Passwords Were Taken in Data Breach - InfoSecurity Magazine

Twitter Suspends Accounts Used to Snare Security Researchers - Threatpost

University still recovering from major cyberattack that disrupted IT systems - ZDNet

Update: Student and personnel files from Manhasset Union Free School District appear on the dark web - Data Breaches Net

US Treasury Tracks $5.2bn of Ransomware Transactions in Six Months - InfoSecurity Magazine

Why Database Patching Best Practice Just Doesn't Work and How to Fix It - The Hacker News

17/10

Acer data breach in India: Delighted hackers show-off users' accounts in public - Tech Hindu

Ad-blocker Chrome extension AllBlock injected ads in Google searches - HackRead

British Horseracing Authority (BHA) left red-faced after contents of investigation into bullying of Bryony Frost leaked - RTE

Cloud security is an ongoing struggle to keep sensitive data safe. Is it getting any easier? - HackRead

Former Microsoft Security Analyst Claims Office 365 Knowingly Hosted Malware For Years - Hothardware

From Fortnite to Fifa, online video game players warned of rise in fraud - The Guardian

Gmail and Outlook warning: Delete these emails now or pay a heavy price - Express

Google sent 50K warnings to targets of government-backed hackings - Business Standard

Hacking groups execute ransomware attacks worth $5.2 bn in Bitcoin - Infotech Lead

Report: Iran’s Islamic Revolutionary Guard Behind Massive Hacking Campaign in the U.S. - Legal Insurrection

REvil Ransomware Gang Goes Underground After Tor Sites Were Compromised - The Hacker News

REvil ransomware shuts down again after Tor sites were hijacked - Bleeping Computer

Several Israeli Medical Facilities Targeted With Ransomware Attacks - Haaretz

Telegram Bots, a new way used by hackers to access OTPs - TDH

The True Cost of DDoS Attacks - InfoSecurity Magazine

Twitch confirms no user data was leaked in recent data breach – Houstonian Online

Weighing room culture under fire after Dunne-Frost bullying case is leaked - Racing Post

NEWS: Outubro (10/10 - 16/10) - 41 Semana de 2021