NEWS: Outubro (24/10 - 30/10) - 43 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!!

30/10

Atlanta Man Arraigned On Charged Of Wire And Computer Fraud - CBS Atlanta

Barbados: Data protection law praised but cybersecurity work begins - Barbados Today

Content Disarm and Reconstruction – A Proactive Stance On Cybersecurity - UK Today News

DeFi Investors Targeted by Dangerous Malware - U Today

Fortinet warns of Black Friday scams involving PS5s, Xboxes and fake Amazon gift card generators that steal crypto - ZDNet

Hackers hit Papua New Guinea financial hub, fail in bid to hold state officials to ransom - Asia Pacific Report

Massive cyber heist rocks high society jeweller Graff: Russian gang demand multi-million ransom or they'll release private details of rich and famous - after leaking files on David Beckham, Oprah and Donald Trump - Mail Online

Russia national extradited to US as part of alleged cybercrime conspiracy - Jurist

San Diego EDs Deluged With Patients After Cyberattack - Medpage Today

South Korean watchdog proposes Facebook pay 300,000 won per victim over personal data breach - EconoTimes

Squid Game malware might be the scariest thing you see this Halloween - TechRadar

Toronto Transit Commission still recovering from ransomware attack - IT World Canada

29/10

2021 State of Ransomware Report Reveals 83% of Victims Paid to Get Data Restored - AI Thority

'AbstractEmu' Malware Found on 19 Apps | 10,000 Downloads Before Its Removal - Tech Times

Apple fixes security feature bypass in macOS (CVE-2021-30892) - Help Net Security

Australian Federal Police (AFP) confiscates AU$1.7m from Sydney man who stole Netflix, Spotify, Hulu accounts - ZDNet

Colorado university had a data breach which 30,000 students affected - The Digital Hacker

Cybercrime: Europol arrests 12 people for ransomware activities possibly affecting 1,800 victims in 71 countries - Tech Republic

‘Data breach at India’s biggest demat depository exposed 4.39 cr investors’: E-security firm - The Print

Despite large investments in security tools, organizations are not confident they can stop data exfiltration - Help Net Security

Employers must balance productivity and collaboration tools with security - Help Net Security

Europol detains hackers behind 2019 Norsk Hydro ransomware attack - TechCrunch

Forrester Predicts Mass Cybersecurity Brain Drain - InfoSecurity Magazine

Google Chrome is Abused to Deliver Malware as ‘Legit’ Win 10 App - Threatpost

Google Chromebooks failing to enroll due to network issue - Bleeping Computer

Google fixes 2 new actively exploited zero-day flaws in Chrome - Security Affairs

Google fixes two high-severity zero-day flaws in Chrome - ZDNet

Here Are 150 Fake Android Apps to Delete From Your Phone - Tech CO

Hive ransomware now encrypts Linux and FreeBSD systems - Bleeping Computer

How can Businesses avoid Data Breach Blind Spots? - Lexology

How Healthcare Systems Can Protect Against Three Major Cyber Risks - CPO Magazine

Leftover files are putting visitors to popular websites at risk - TechRadar Pro

Luxury hotel chain hit twice by hackers after reneging on ransomware payment - ITPro

Microsoft hacked leaving billions of passwords at risk - check yours is safe - North Wales Chronicle

Microsoft: Windows web content filtering now generally available - Bleeping Computer

Misconfigured Database Leaks 880 Million Medical Records - InfoSecurity Magazine

Morse Code and 'Double Extortion': The State of Malware Today - Supply Chain Brain

National Rifle Association (NRA) hit by ransomware attack - The Jerusalem Post

New Android Spyware Threat Poses as Antivirus in Japan - TechNadu

New 'Shrootless' Bug Could Let Attackers Install Rootkit on macOS Systems - The Hacker News

One in ten people click on phishing links: Report - The Hindu Business Line

Perfect Storm of Cybersecurity Risks Threatens the Hybrid Workplace - AI Thority

Police arrest criminals behind Norsk Hydro ransomware attack - Bleeping Computer

Police arrest hackers behind over 1,800 ransomware attacks - Bleeping Computer

Ransomware attack on Martin County Tax Collector's Office could inflict data damage - TC Palm

Ransomware Has Disrupted Almost 1,000 Schools in the US This Year - Vice

Ransomware: Police sting targets suspects behind 1,800 attacks that 'wreaked havoc across the world' - ZDNet

Russian TrickBot Gang Hacker Extradited to U.S. Charged with Cybercrime - The Hacker News

Schreiber Foods back to normal after ransomware attack shuts down milk plants - ZDNet

SolarMarker Attackers Use SEO Poisoning to Push Malicious Code - eSecurity Planet

Suspected Trickbot Malware Developer Faces 60 Years in Jail - InfoSecurity Magazine

TA575 criminal group using 'Squid Game' lures for Dridex malware - ZDNet

Three OT security lessons learned from 2021’s biggest cyber incidents - Help Net Security

Toronto Transit Commission (TTC) investigating ransomware attack that compromised multiple servers - CTV News

Unauthorized account openings increased by 21% in the last 12 months - Help Net Security

What is Emotet? - ITPro

28/10

400,000 German Students’ Sensitive Data Exposed by API Flaw - TechNadu

An Amazon rival reveals the only honest reason to get a video doorbell - ZDNet

API attacks are both underdetected and underreportedt - Help Net Security

Best gifts for hackers 2021: Top cybersecurity presents - ZDNet

Central Vermont schools may have been hit with ransomware - AP News

Cloud security in 2021: A business guide to essential tools and best practices - ZDNet

Codenotary: Notarize and verify your software bill of materials - ZDNet

Cryptocurrency and DNS: Phishing Domains, Cryptomining and More - CircleID

Data Breach at University of Colorado - InfoSecurity Magazine

Data breach: Hospital shares email addresses of vaccine trial participants - Eastern Daily Press

Despite increased cyber threats, many organizations have no defense plans in place - Help Net Security

FBI: Ranzy Locker Ransomware Attacks 30 Companies Through July - MSSP Alert

Free decryption tools for AtomSilo, Babuk, and LockFire ransomware released by Avast - Graham Cluley

Hackers Steal $130 Million From Cream Finance in the Third Hack This Year - TechNadu

HTTPS threats grow more than 314% through 2021: Report - ZDNet

Implementing DMARC to eliminate phishing emails - Help Net Security

Is offensive testing the way for enterprises to finally be ahead of adversaries? - Help Net Security

Israeli Researcher Cracked Over 3500 Wi-Fi Networks in Tel Aviv City - The Hacker News

Kemper $17.6M Data Breach Settlement Wins Preliminary Court Approval - Insurance Journal

Luxury hotel chain in Thailand reports data breach - ZDNet

Malicious NPM Libraries Caught Installing Password Stealer and Ransomware - The Hacker News

Martin County Tax Collector's possibly hit by ransomware attack - Fox 29 WFLX

More than three million CoinMarketCap users suffered a data breach - The Digital Hacker

MVSP: A minimum cybersecurity baseline to simplify vendor security assessment - Help Net Security

New Wslink Malware Loader Runs as a Server and Executes Modules in Memory - The Hacker News

PNG government system hit by ransomware attack - RNZ

Ransomware gang claims to have hacked the NRA - ITPro

Ransomware Hackers Freeze Millions in Papua New Guinea - Yahoo! Finance

Ransomware: It's a 'golden era' for cyber criminals - and it could get worse before it gets better - ZDNet

Researcher found 70% Wi-Fi networks in Tel Aviv are hackable - HackRead

Sensitive data of 400,000 German students exposed by API flaw - Bleeping Computer

Steam users warned to beware this dangerous phishing scam - TechRadar Pro

The CISO’s guide to third-party security management - Help Net Security

Top cybersecurity threats enterprises will face in 2022 - Help Net Security

Vendor Partner Responsible for Fullerton Health Data Breach - Bank Info Security

27/10

Android spyware apps target Israel in three-year-long campaign - Bleeping Computer

Avast released a free decryptor for Babuk ransomware - Security Affairs

Babuk ransomware decryptor released to recover files for free - Bleeping Computer

Break into the elite field of cybersecurity by learning Risk Management Frameworks - ZDNet

Cyber Attack in Iran Reportedly Cripples Gas Stations Across the Country - The Hacker News

Digital Extortionists DDoS VoIP Providers - InfoSecurity Magazine

Four key tenets of zero trust security - Help Net Security

Free decryptor released for Atom Silo and LockFile ransomware - Bleeping Computer

Good security habits: Leveraging the science behind how humans develop habits - Help Net Security

Grief ransomware gang hit US National Rifle Association (NRA) - Security Affairs

Hackers arrested for ‘infiltrating’ Ukraine’s health database - Bleeping Computer

Hackers Using Squirrelwaffle Loader to Deploy Qakbot and Cobalt Strike - The Hacker News

HM Treasury Hit by Five Million Malicious Emails in Past Three Years - InfoSecurity Magazine

How to close the cybersecurity workforce gap - Help Net Security

Latest Report Uncovers Supply Chain Attacks by North Korean Hackers - The Hacker News

Malicious NPM libraries install ransomware, password stealer - Bleeping Computer

Microsoft warns over uptick in password spraying attacks - ZDNet

North Korean Lazarus APT Targets Software Supply Chain - InfoSecurity Magazine

North Korea-linked Lazarus APT targets the IT supply chain - Security Affairs

Not upgrading to iOS 15? Then you need to install this update now - ZDNet

NRA: No comment on Russian ransomware gang attack claims - Bleeping Computer

Ofcom's Scam Call-Blocking Plan Could Save Consumers Millions - InfoSecurity Magazine

Operations at Iranian gas stations were disrupted today. Cyber attack or computer glitch? - Security Affairs

Organizations making security trade-offs in the push to innovates - Help Net Security

The dangers behind wildcard certificates: What enterprises need to know - Help Net Security

The fast-expanding world of online proctoring: What cybersecurity industry leaders must know - Help Net Security

These phishing emails use QR codes to bypass defences and steal Microsoft 365 usernames and passwords - ZDNet

Twitter employees required to use security keys after 2020 hack - Bleeping Computer

US bans China Telecom Americas over national security risks - Bleeping Computer

Weeks early: Adobe dumps massive security patch update - ZDNet

26/10

72% of organizations hit by DNS attacks in the past year - Help Net Security

400,000 Fullerton Health Client Details Were Stolen and Sold Online - TechNadu

Australia drafts Online Privacy Bill to bolster data security - Bleeping Computer

BEC Costs UK Firms £140M Over Past Year - InfoSecurity Magazine

Biometrics emerging as the preferred identity verification option for digital consumers - Help Net Security

Executives’ top concern in Q3 2021? New ransomware models - Help Net Security

Free Download Manager Takes Down YouTube Feature After Google Complaint - TechNadu

GCHQ Boss: Ransomware Has Doubled in a Year - InfoSecurity Magazine

Global Security Skills Shortage Falls to 2.7 Million Workers - InfoSecurity Magazine

Increased risk tolerances are making digital transformation programs vulnerable - Help Net Security

Justice determines breach of confidentiality of medical records - Data Breaches Net

Kansas Man pleads guilty to hacking the Post Rock Rural Water District - Security Affairs

Malicious Firefox Add-ons Block Browser From Downloading Security Updates - The Hacker News

Mozilla Firefox cracks down on malicious add-ons used by 455,000 users - ZDNet

Navigating ethics in AI today to avoid regrets tomorrow - Help Net Security

Nearly 30K former and current CU Boulder students’ personal information hacked - Data Breaches Net

Nearly all US execs have experienced a cybersecurity threat, but some say there's still no plan - ZDNet

Over 10 Million Android Users Targeted With Premium SMS Scam Apps - The Hacker News

Popular nmp package hijacked, modified to deliver cryptominers - Help Net Security

Ransomware has proliferated because it's 'largely uncontested', says GCHQ boss - ZDNet

Schools put the brakes on facial recognition scheme for kids buying lunch - ZDNet

The CISO’s guide to choosing an automated security questionnaire platform - Help Net Security

The first step to being cybersmart: Just start somewhere - Help Net Security

Third-party data breach in Singapore hits healthcare provider - ZDNet

UltimaSMS subscription fraud campaign targeted millions of Android users - Security Affairs

Viewing website HTML code is not illegal or “hacking,” prof. tells Missouri gov. - Data Breaches Net

When it comes to collaboration tools, firms struggle to keep up with security and compliance - Help Net Security

25/10

1 in 10 people clicking on phishing links on mobile devices - Telangana Today

BlackMatter Bug Saved Victims Millions in Ransom Payments - InfoSecurity Magazine

CISA urges admins to patch critical Discourse code execution bug - Bleeping Computer

Cyber-Attacks on House of Commons Soar by 358% in 2021 - InfoSecurity Magazine

Despite spending millions on bot mitigation, 64% of organizations lost revenue due to bot attacks - Help Net Security

DiploFoundation Develops Simulated Cyber-Attack Game - InfoSecurity Magazine

Emsisoft created a free decryptor for past victims of the BlackMatter ransomware - Security Affairs

Hackers Exploited Popular BillQuick Billing Software to Deploy Ransomware - The Hacker News

Hardware-grade enterprise authentication without hardware: new SIM security solution for IAM - The Hacker News

His boss said the spy camera proved he was lazy. His response was brilliant - ZDNet

How to implement secure configurations more quickly - Help Net Security

KT clarifies routing error caused outage instead of DDoS attack - ZDNet

Microsoft: Russian SVR hacked at least 14 IT supply chain firms since May - Bleeping Computer

Microsoft Warns of Continued Supply-Chain Attacks by the Nobelium Hacker Group - The Hacker News

Network and IoT security in a zero trust security model - Help Net Security

New Attack Lets Hackers Collect and Spoof Browser's Digital Fingerprints - The Hacker News

NYT Journalist’s iPhone infected twice with NSO Group’sPegasus spyware - Security Affairs

Ransomware: How bad is it going to get? - Help Net Security

Russia-linked Nobelium APT targets orgs in the global IT supply chain - Security Affairs

Security leaders facing challenges in managing and securing distributed work environments - Help Net Security

SolarWinds hackers are going after cloud, managed and IT service providers - Help Net Security

SolarWinds hackers, Nobelium, once again strike global IT supply chains, Microsoft warns - ZDNet

Tesco App and Website Back Online After Cyber Incident - InfoSecurity Magazine

Tesco's website restored after suspected cyberattack - ZDNet

Unknown ransomware gang uses SQL injection bug in BillQuick Web Suite to deploy ransomware - Security Affairs

Why cybersecurity leaders should focus on spending, people and technology (in that order) - Help Net Security

24/10

5 Tips For Keeping Your Computer Safe and Secure From Hackers & Viruses - Recently Heard

25% paid extortion money in Ransomware: Sophos - The Sunday Times

Bank card skimming concern for cybersecurity in Trinidad and Tobago - News Day Trinidad and Tobago

BlackMatter ransomware victims quietly helped using secret decryptor - Bleeping Computer

Crypto scams live-streamed as YouTube channels face phishing attacks - AMB Crypto

Cyberattacks to critical infrastructure threaten our safety and well-being - The Conversation

Don't tap on any links! How to spot and deal with a scam text message - The Star

Facebook sues programmer who stole data of 178 mil users via Messenger - Soyacincau

Gigabyte hit by ransomware attack: NDA’d information and customer details leak out with hackers threatening worse - Notebook Check

Grocery chain Tesco suffers two-day outage following hack - Engadget

Hackers bring down Tesco's website and app - Plymouth Live

Hackers skim $4m off banks in Uganda - The East African

IPO-bound unicorn MobiKwik under RBI scanner for data breach - The Hindu Business Line

Middle East faced wave of cybersecurity threats since start of pandemic - The Rahnuma Daily

NYT Journalist Repeatedly Hacked with Pegasus after Reporting on Saudi Arabia - The Hacker News

Phishing attempts target top brands online - The Manila Times

Sinclair TV stations knocked off air after ransomware attack - Big News Network

Supply Chain Attacks Highlight Why You Should Continue to Be Careful with Third-Party Providers - UK Today News

Tesco outage was due to hackers trying to 'interfere' with website and app - Mirror UK

Tesco website and app crashes after 'hack attempt' with thousands of customers unable to do their online shop - Daily Mail Online

Tesco website and app back up and running following suspected hack - ITV

Tesco website hacked with frustrated shoppers unable to order groceries online - Daily Record

TodayZoo phishing kit borrows the code from other kits - Security Affairs

Tokyo 2020 Olympics defeated half-a-billion attempted cyberattacks - Tech Story

NEWS: Outubro (17/10 - 23/10) - 42 Semana de 2021