NEWS: Setembro (19/09 - 25/09) - 38 Semana de 2021

Cyber Security and Information Security News - Daily Updates !!!

25/09

New iPhone 13? Don't forget to update! - ZDNet

24/09

'Anonymous' Hackers Claim to Hit Website Hosting Firm Popular With Far-Right Groups - InfoSecurity Magazine

Apple's New iCloud Private Relay Service Leaks Users' Real IP Addresses - The Hacker News

Cisco Releases Patches 3 New Critical Flaws Affecting IOS XE Software - The Hacker News

Complex New SMS Malware Discovered - InfoSecurity Magazine

Cyber Threats Result in 60% Increase in Cyber Intelligence Sharing Among Financial Firms - InfoSecurity Magazine

Cybersecurity Vulnerability Could Affect Millions of Hikvision Cameras - InfoSecurity Magazine

Emergency Google Chrome update fixes zero-day exploited in the wild - Bleeping Computer

EU officially blames Russia for 'Ghostwriter' hacking activities - Bleeping Computer

FBI decision to withhold Kaseya ransomware decryption keys stirs debate - ZDNet

Florida Yet to Spend $30M Allocated for Cybersecurity - InfoSecurity Magazine

Google Warns of a New Way Hackers Can Make Malware Undetectable on Windows - The Hacker News

Hackers exploiting critical VMware vCenter CVE-2021-22005 bug - Bleeping Computer

LG to Acquire Cybellum - InfoSecurity Magazine

Microsoft rushes to register Autodiscover domains leaking credentials - Bleeping Computer

Most IT leaders prioritize cloud migration, yet security concerns remain - Help Net Security

Policy and patience key in Biden’s cybersecurity battle - Help Net Security

Researcher drops three iOS zero-days that Apple refused to fix - Bleeping Computer

RTL Nederland paid hackers 8,500 euros after ransomware attack - Teller Report

SonicWall fixes critical bug allowing SMA 100 device takeover - Bleeping Computer

The Benefits and Challenges of Passwordless Authentication - Bleeping Computer

23/09

A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit - The Hacker News

ANZ reports a 73% year-on-year increase in scams for the first eight months of 2021 - ZDNet

Apple fixes another zero-day used to deploy NSO iPhone spyware - Bleeping Computer

Automation is not here to close the cybersecurity skills shortage gap, but it can help - Help Net Security

Colombian Real Estate Agency Leak Exposes Records of Over 100,000 Buyers - The Hacker News

Consumers taking action to protect themselves online, though confidence is low - Help Net Security

DDoS attacks increased 11% in 1H 2021, fueling a global security crisis - Help Net Security

Future of work: Cybersecurity and hybrid working as top two enterprise priorities - Help Net Security

Google tests if 'Chrome/100.0' user agent breaks websites - Bleeping Computer

Hacking group used ProxyLogon exploits to breach hotels worldwide - Bleeping Computer

Malware devs trick Windows validation with malformed certs - Bleeping Computer

Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials - The Hacker News

Nagios XI vulnerabilities open enterprise IT infrastructure to attack - Help Net Security

New advanced hacking group targets governments, engineers worldwide - ZDNet

New Android Malware Targeting US, Canadian Users with COVID-19 Lures - The Hacker News

Protecting IoT devices requires a DNS-based solution - Help Net Security

Ransomware attack levels soaring, now accounting for 69% of all attacks involving malware - Help Net Security

Ransomware attackers targeted this company. Then defenders discovered something curious - ZDNet

REvil ransomware devs added a backdoor to cheat affiliates - Bleeping Computer

SaaS applications investment growing despite underutilization of app licenses by employees - Help Net Security

U.S. Department of the Treasury announces set of actions to counter ransomware - Help Net Security

VoIP company battles massive ransom DDoS attack - ZDNet

Why You Should Consider QEMU Live Patching - The Hacker News

22/09

2 million malicious emails bypassed secure email gateways in 12 months - Help Net Security

A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035) - Help Net Security

Creepy data collection and sharing remain common on popular apps - Help Net Security

DDoS attacks are becoming more prolific and more powerful, warn cybersecurity researchers - ZDNet

Enterprises Need 27 New IT Hires to Manage Security Debt - InfoSecurity Magazine

Execs Need Less Talk, More Action on Software Security - Security Boulevard

Half of Web Owners Don't Know if Their Site Has Been Attacked - InfoSecurity Magazine

How digital transformation impacted CIO and CTO roles - Help Net Security

How do I select a data privacy management solution for my business? - Help Net Security

How to protect the corporate network from spyware - Help Net Security

Leveraging AI and automation to identify sensitive data at scale - Help Net Security

Lithuanian Ministry Bashes Xiaomi and Huawei for Undocumented Functionality - TechNadu

Microsoft Unearths Large-Scale Phishing Operation Involving 300,000 Subdomains - TechNadu

Netgear Releases Fixing Update for a Wide Range of Router Products - TechNadu

New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures - The Hacker News

Plug critical VMvare vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005) - Help Net Security

RCE is back: VMware details file upload vulnerability in vCenter Server - ZDNet

Researchers Discover Remotely Exploitable Flaw that Results in File Exposure on Gurock TestRail - TechNadu

The Future of Industrial Cybersecurity - Security Boulevard

This phishing-as-a-service operation is responsible for many attacks against businesses, says Microsoft - ZDNet

Treasury Sanctions Russian Crypto Exchange - InfoSecurity Magazine

VMware addressed a critical flaw in vCenter Server. Patch it now! - Security Affairs

We cannot afford for healthcare security to be the “lowest-hanging fruit” - Help Net Security

21/09

3-D Secure transactions growth fueled by card-not-present explosion and PSD2 - Help Net Security

77% of execs concerned about security tools gaps in their company - Help Net Security

A zero-day flaw allows to run arbitrary commands on macOS systems - Security Affairs

Apache OpenOffice is currently impacted by a remote code execution flaw - Security Affairs

Black Matter gang demanded a $5.9M ransom to NEW Cooperative - Security Affairs

Breached Alaska Gov Systems Still Down—After 5 MONTHS - Security Boulevard

Challenges CISOs face in a rapidly evolving cybersecurity landscape - Help Net Security

Cybersecurity Priorities in 2021: How Can CISOs Re-Analyze and Shift Focus? - The Hacker News

Data of 106 million visitors to Thailand leaked online - Security Affairs

DEF CON 29 Cloud Village – Batuhan Sancak’s ‘Azure Active Directory Hacking Wars’ - Security Boulevard

Druva Accelerates Ransomware Recovery Using Curated Data - Security Boulevard

European Police Bust €10m Mafia Fraud Ring - InfoSecurity Magazine

Farming Group Warns of Supply Chain Chaos After Ransomware Attack - InfoSecurity Magazine

How to mitigate security vulnerabilities automatically with RASP - Security Boulevard

iOS 15 lets you spy on apps that might be spying on you - ZDNet

Major American Agriculture Cooperative Hit by the ‘BlackMatter’ Ransomware Gang - TechNadu

Malicious Email Surge Predicted for Q4 - InfoSecurity Magazine

Marketron marketing services hit by Blackmatter ransomware - Bleeping Computer

Microsoft Power Apps data exposure: Prioritizing sensitive data with secure configuration settings - Help Net Security

New Capoae Malware Infiltrates WordPress Sites and Installs Backdoored Plugin - The Hacker News

New macOS zero-day bug lets attackers run commands remotely - Bleeping Computer

Office workers unwilling to change their behavior, despite being aware of the cybersecurity challenges - Help Net Security

Organizations prioritize strategic security programs, but lack fundamentals - Help Net Security

Researcher Discovers Major Exposure in the EventBuilder App - TechNadu

Securing the Edge in the Supply Chain - Security Boulevard

Siemens launches AI solution to fight industrial cybercrime - ZDNet

The complexities of vulnerability remediation and proactive patching - Help Net Security

Turla APT group used a new backdoor in attacks against Afghanistan, Germany and the US - Security Affairs

US agricultural co-op hit by ransomware, expects food supply chain disruption - Help Net Security

“Water Basilisk” Campaign Exploiting File Hosting Services to Deliver Multiple RAT Payloads - TechNadu

20/09

A New Wave of Malware Attack Targeting Organizations in South America - The Hacker News

Add Security, Not Headaches, to the SDLC - Security Boulevard

ALTDOS claims to have hacked one of Malaysia’s biggest conglomerates - DataBreaches Net

Banco de Venezuela Still Struggling to Restore Services After Last Week’s Cyberattack - TechNadu

Cloud and online backups increasing in popularity, but tape usage remains - Help Net Security

Europol arrested 106 fraudsters, members of a major crime ring - Security Affairs

Europol Busts Major Crime Ring, Arrests Over 100 Online Fraudsters - The Hacker News

Europol Dismantled Massive Online Fraud Operation With 106 Members - TechNadu

Europol links Italian Mafia to million-dollar phishing scheme - Bleeping Computer

EventBuilder misconfiguration exposed event registrants’ information - DataBreaches Net

EventBuilder misconfiguration exposes Microsoft event registrant data - Bleeping Computer

Facebook rebukes WSJ over investigation on the platform's ability to harm, 'toxic' impact - ZDNet

Former IT Exec Pleads Guilty to Insider Trading Conspiracy - InfoSecurity Magazine

Google Is Going to Reset App Permissions on Older Android Versions Too - TechNadu

Google: This major privacy change is coming to billions of Android devices soon - ZDNet

Hacked sites push TeamViewer using fake expired certificate alert - Bleeping Computer

How to retain the best talent in a competitive cybersecurity market - Help Net Security

iMessage Zero-Click Exploit, Leaked Guntrader Firearms Data, 60 Million Fitness Tracking Records Exposed - Security Boulevard

India’s Antitrust Authority Finds Google Abused Its Market Dominance - TechNadu

NIST SP800-53 Revision 5, One Year Later - Security Boulevard

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme - Security Affairs

Payment API Vulnerabilities Exposed "Millions" of Users - InfoSecurity Magazine

Perceptions of Insider Risk 2021 - Security Boulevard

Phishing attacks: Police make 106 arrests as they break up online fraud group - ZDNet

Protecting Data From Insider Threats - Security Boulevard

Ransomware Attacks Growing More Sophisticated - Security Boulevard

Ransomware still a primary threat as cybercriminals evolve tactics - Help Net Security

Republican Governors Association email server breached by state hackers - Bleeping Computer

Securing Kubernetes as it becomes mainstream - Help Net Security

Tech pros reporting a positive perception of their roles, looking forward to what lies ahead - Help Net Security

The Demise of Self-Driving Cars as Such - Security Boulevard

Trust, but verify: An in-depth analysis of ExpressVPN's terrible, horrible, no good, very bad week - ZDNet

US Set to Sanction Cryptocurrency Firms Involved in Ransomware - InfoSecurity Magazine

Victoria launches five-year, AU$50 million cyber strategy - ZDNet

Zero trust security solutions widely adopted, spurred by surge in ransomware - Help Net Security

What businesses need to know about data decay - Help Net Security

19/09

8 Job Security Tips That Every Freelancer Should Know - Make Use Of

Cracks in the crypto utopia: How a surge of scams is exposing DeFi’s dark side - Digital Trends

Cybercrime gang backdoors U.S. finance organizations with malware - Digital Journal

Data Security Trends 2021 - Datamation

DDoS Attacks In Healthcare: Just How Dangerous Can They Get? - Tech Times

DEF CON 29 Blockchain Village – Yaz Khoury’s ‘Surviving 51 Percent Attacks’ - Security Boulevard

DEF CON 29 Cloud Village – Magno Logan’s ‘Workshop Kubernetes Security 101 Best Practices’ - Security Boulevard

Exabytes Falls Victim To Ransomware Attack: Causes Disruptions To Certain Services - Lowyat

Financial sector suffers costliest cyberattacks - The Manila Times

Google to Auto-Reset Unused Android App Permissions for Billions of Devices - The Hacker News

How to spot cryptocurrency Bitcoin scams trying to steal your money - Central Recorder

Industrial control systems spyware scripts on rise in UAE - GDN Online

New "Elon Musk Club" crypto giveaway scam promoted via email - Bleeping Computer

Numando: A New Banking Trojan Targeting Latin American Users - The Hacker News

Numando, a new banking Trojan that abuses YouTube for remote configuration - Security Affairs

Ransomware attack on TN Public Department systems - The Siasat Daily

Received a text with a surprising pandemic offer? Don’t click that link! - JC Post

‘Smishing’: the rising threat for business owners that brings scams to smartphones - The Guardian

Telegram Is Reportedly Harboring More Cyber Criminals Ever Since The Attempted WhatsApp Policy Change - Digital Information World

The Digital Pandemic – Ransomware - The State Of Security

The vicious cycle that makes ransomware such a potent threat - TechRadar Pro

Vulnerabilities in Operational Tech Devices Up 46% in H1’21- The Fintech Times

NEWS: Setembro (12/09 - 18/09) - 37 Semana de 2021