Study - Technical - LMS-SFC (EN) - Cyber Security - News Archive April 2021


Cyber Security - Mews Archive

april 2021

30.04.2021 - News from cyber security

- Codecov Releases New Detections for Supply Chain Compromise. (to the original material)

- The Week in Ransomware - April 30th 2021 - Attacks Escalate. (to the original material)

- First Horizon bank online accounts hacked to steal customers’ funds. (to the original material)

- Babuk quits ransomware encryption, focuses on data-theft extortion. (to the original material)

- Hotbit cryptocurrency exchange down after hackers targeted wallets. (to the original material)

- Your stolen ParkMobile data is now free for wannabe scammers. (to the original material)

- Suspected Chinese state hackers target Russian submarine designer. (to the original material)

- Codecov starts notifying customers affected by supply-chain attack. (to the original material)

- Brazil's Rio Grande do Sul court system hit by REvil ransomware. (to the original material)

- Samba Releases Security Updates. (to the original material)

- CISA Updates Alert on Pulse Connect Secure. (to the original material)

*** - U.S. government probes VPN hack within federal agencies, races to find clues. (to the original material)

- PKI market valuation to cross $7 billion by 2027. (to the original material)

- AI can alter geospatial data to create deepfake geography. (to the original material)

- Lack of visibility into IT assets impacting security priorities. (to the original material)

- Researchers develop program that helps assess encryption systems’ vulnerabilities. (to the original material)

- APIs in the insurance industry: Accessing a growing world of data. (to the original material)

- Shedding light on the threat posed by shadow admins. (to the original material)

29.04.2021 - News from cyber security.

- CISA Releases ICS Advisory on Real-Time Operating System Vulnerabilities. (to the original material)

- Cisco Releases Security Updates for Multiple Products. (to the original material)

- ISC Releases Security Advisory for BIND. (to the original material)

- Instagram is rolling out new features to prevent cyberbullying. (to the original material)

- Microsoft finds critical code execution bugs in IoT, OT devices. (to the original material)

- New ransomware group uses SonicWall zero-day to breach networks. (to the original material)

- QNAP warns of AgeLocker ransomware attacks on NAS devices. (to the original material)

- Babuk ransomware readies 'shut down' post, plans to open source malware. (to the original material)

- Whistler resort municipality hit by new ransomware operation. (to the original material)

- Security expert coalition (Ransomware Task Force) shares actions to disrupt ransomware. (to the original material)

- Locked, Loaded, and in the Wrong Hands: Legitimate tools weaponized for ransomware in 2021. (to the original material)

- Worldwide 5G enterprise market to reach $10.9 billion by 2027. (to the original material)

- Middle market companies facing a record number of data breaches. (to the original material)

- Penetration testing leaving organizations with too many blind spots. (to the original material)

- Solve evolving enterprise issues with GRC (Governance, Risk management, and Compliance) technology. (to the original material)

- The realities of working in and pursuing a career in cybersecurity. (to the original material)

- MythBusters: What pentesting is (and what it is not). (to the original material)

- Q1 2021 ransomware trends: Most attacks involved threat to leak stolen data. (to the original material)

- 48 recommendations for a global fight against ransomware. (to the original material)

28.04.2021 - News from cyber security.

- Pupils in north London crowned champions of the NCSC cyber contest for girls. (to the original material)

- 4 Common Ways Scammers Use Celebrities' Imagery to Scam Victims Online. (to the original material)

- DigitalOcean data breach exposes customer billing information. (to the original material)

- Fourth time's a charm - OGUsers hacking forum hacked again. (to the original material)

- New stealthy Linux malware used to backdoor systems for years. (to the original material)

- SMS phishing scam lures Rogers customers with outage refunds. (to the original material)

- Passwordstate hackers phish for more victims with updated malware. (to the original material)

- Cyberspies target military organizations with new Nebulae backdoor. (to the original material)

- UK rail network Merseyrail likely hit by Lockbit ransomware. (to the original material)

- GitHub disables Google FLoC user tracking on its website. (to the original material)

- Double Trouble – the Threat of Double Extortion Ransomware and How Your Organization Can Protect Itself. (to the original material)

- Despite the pandemic, 85% of organizations completed their audits as planned. (to the original material)

- IT security teams challenges fueled by record-setting cyberattacks. (to the original material)

- MFA (Multi-Factor Authentication) spending on the rise, but organizations still unclear on best practices. (to the original material)

- Only 8% of businesses that paid a ransom got all of their data back. (to the original material)

- Managing and maturing Kubernetes security in the enterprise. (to the original material)

- The next big thing in cloud computing? Shh… It’s confidential. (to the original material)

27.04.2021 - News from cyber security.

- Apple Releases Security Updates. (to the original material)

- Google Releases Security Updates for Chrome. (to the original material)

- Potential exploitation of Click Studio’s PasswordState software. (to the original material)

- Microsoft Edge to add automatic HTTPS option for all domains. (to the original material)

- FBI shares 4 million email addresses used by Emotet with Have I Been Pwned. (to the original material)

- MangaDex discloses data breach after stolen database shared online. (to the original material)

- Five reasons to install protection for all devices and how to do it. (to the original material)

- Emails with a LinkedIn subject line remain the most successful email scams in 2021. (to the original material)

- A data-driven look at the key developments shaping the future of work. (to the original material)

- Trends in the evaluation and implementation of enterprise AI adoption. (to the original material)

- 16% of mobile devices in developing markets now infected with malware. (to the original material)

- Research directions in cybersecurity to support a digital strategic autonomy. (to the original material)

- Avoid these CSPM (Cloud Security Posture Management) mistakes to increase your cloud security posture. (to the original material)

- Apple patches macOS zero-day exploited by malware for months (CVE-2021-30657). (to the original material)

26.04.2021 - News from cyber security.

- 26th April – Threat Intelligence Report. (to the original material)

- CISA and NIST Release New Interagency Resource: Defending Against Software Supply Chain Attacks. (to the original material)

- FBI-DHS-CISA Joint Advisory on Russian Foreign Intelligence Service Cyber Operations. (to the original material)

- Google is quickly rolling out an update for a zero-day vulnerability in Chrome. (to the original material)

- DC Police confirms cyberattack after ransomware gang (Babuk) leaks data. (to the original material)

- Reverb discloses data breach exposing musicians' personal info. (to the original material)

- Ransomware gang now warns they will leak new Apple logos, iPad plans. (to the original material)

- Accellion data breaches drive up average ransom price. (to the original material)

- Apple fixes macOS zero-day bug exploited by Shlayer malware. (to the original material)

- Microsoft Defender now blocks cryptojacking malware using Intel TDT (Threat Detection Technology) (to the original material)

- US warns of Russian state hackers still targeting US, foreign orgs. (to the original material)

- Vulnerability Summary for the Week of April 19, 2021. (to the original material)

- How to Secure Engineer Access to Cloud Workloads with Zero Trust. (to the original material)

- Consumers embracing biometrics to protect their information. (to the original material)

- 61% of organizations impacted by ransomware in 2020. (to the original material)

- Cybercriminals evolving their tactics to exploit collective human interest. (to the original material)

- AI industry alarmingly unprepared for real-world attacks. (to the original material)

- Push past zero trust barriers to securely connect the distributed workforce. (to the original material)

- Connected medical devices brought security loopholes mainstream. (to the original material)

- QNAP NAS devices under ransomware attack. (to the original material)

25.04.2021 - News from cyber security.

- Hacker (ShinyHunters) leaks 20 million alleged BigBasket user records for free. (to the original material)

- Emotet malware nukes itself today from all infected computers worldwide. (to the original material)

24.04.2021 - News from cyber security.

- A ransomware gang (Qlocker) made $260,000 in 5 days using the 7zip utility. (to the original material)

- New cryptomining malware (Syssrv-hello) builds an army of Windows, Linux bots. (to the original material)

- Fake Microsoft DirectX 12 site pushes crypto-stealing malware. (to the original material)

- HashiCorp is the latest victim of Codecov supply-chain attack. (to the original material)

23.04.2021 - News from cyber security.

- The Week in Ransomware - April 23rd 2021 - A brutal week. (to the original material)

- Passwordstate password manager hacked in supply chain attack. (to the original material)

- Phishing impersonates global recruitment firm to push malware. (to the original material)

- Twitter accidentally sends suspicious emails asking to confirm accounts. (to the original material)

- Moving Targets – the Growing Threat to Enterprise Mobiles. (to the original material)

- Remote work increasing the growth rate of the EDR (Endpoint Detection and Response) market. (to the original material)

- Trends and technologies that are helping supply chains respond, recover and thrive during pandemic. (to the original material)

- COVID-19 creates a boom in biometric adoption. (to the original material)

- What IT leaders are prioritizing in network security investments? (to the original material)

- New infosec products of the week: April 23, 2021. (to the original material)

- Transitioning to a SASE architecture. (to the original material)

22.04.2021 - News from cyber security.

- CISA Incident Response to SUPERNOVA Malware. (to the original material)

- Drupal Releases Security Updates. (to the original material)

- Botnet backdoors Microsoft Exchange servers, mines cryptocurrency. (to the original material)

- QNAP removes backdoor account in NAS backup, disaster recovery app. (to the original material)

- Attackers can hide 'external sender' email warnings with HTML and CSS. (to the original material)

- Signal CEO gives mobile-hacking firm a taste of being hacked. (to the original material)

- Turning Telegram toxic: ‘ToxicEye’ RAT is the latest to use Telegram for command & control. (to the original material)

- Technologies, markets and apps transitioning to the 5G communications era. (to the original material)

- IT security teams deal with unique challenges fueled by a remote workforce. (to the original material)

- 67% of IT pros concerned with teleworking endpoint misuse. (to the original material)

- Infosecurity transformation and building proactive mitigation strategies. (to the original material)

- Outgunned CISOs navigate complex obstacles to keep rising attacks from turning into breaches. (to the original material)

- How micro-segmentation creates an uphill battle for intruders. (to the original material)

- Cloud Sniper: Manage and automate cloud security operations. (to the original material)

- Monero-mining botnet targets orgs through recent MS Exchange vulnerabilities. (to the original material)

- Critical infrastructure implications of the Pulse Secure multi-factor authentication bypass. (to the original material)

21.04.2021 - News from cyber security.

- How we fought bad apps and developers in 2020. (to the original material)

- Cyber security training for school staff. (to the original material)

- SonicWall Releases Patches for Email Security Products. (to the original material)

- Google Releases Security Updates for Chrome. (to the original material)

- Exploitation of Pulse Connect Secure Vulnerabilities. (to the original material)

- The nightmare of IT teams in companies: employees mix personal life with office work (Bitdefender study). (to the original material)

- Massive Qlocker ransomware attack uses 7zip to encrypt QNAP devices. (to the original material)

- Linux bans University of Minnesota for committing malicious code. (to the original material)

- Google fixes exploited Chrome zero-day dropped on Twitter last week. (to the original material)

- CISA orders federal orgs to mitigate Pulse Secure VPN bug by Friday. (to the original material)

- Logins for 1.3 million Windows RDP servers collected from hacker market. (to the original material)

- WhatsApp Pink malware can now auto-reply to your Signal, Telegram texts. (to the original material)

- Facebook leaks strategy to numb reaction to data scraping incidents. (to the original material)

- Most enterprise leaders concerned about digital transformation ROI (Return on Investment). (to the original material)

- Complexity and budgetary constraints complicate cloud security. (to the original material)

- Most users don’t know the capabilities and risks of QR codes. (to the original material)

- Cybersecurity only the tip of the iceberg for third-party risk management. (to the original material)

- Securing vehicles from potential cybersecurity threats. (to the original material)

- How do I select an identity management solution for my business? (to the original material)

- Attackers are exploiting zero-day in Pulse Secure VPNs to breach orgs (CVE-2021-22893). (to the original material)

- Hackers found leveraging three SonicWall zero-day vulnerabilities. (to the original material)

20.04.2021 - News from cyber security.

- Updated advice on Pulse Connect Secure RCE Vulnerability. (to the original material)

- CISA Issues Emergency Directive on Pulse Connect Secure. (to the original material)

- CISA Releases Alert on Exploitation of Pulse Connect Secure Vulnerabilities. (to the original material)

- Oracle Releases April 2021 Critical Patch Update. (to the original material)

- VMware Releases Security Update. (to the original material)

- Mozilla Releases Security Update for Firefox, Firefox ESR, and Thunderbird. (to the original material)

- REvil gang tries to extort Apple, threatens to sell stolen blueprints. (to the original material)

- SonicWall warns customers to patch 3 zero-days exploited in the wild. (to the original material)

- Eversource Energy data breach caused by unsecured cloud storage. (to the original material)

- Microsoft partially fixes Windows 7, Server 2008 vulnerability. (to the original material)

- Pulse Secure VPN zero-day used to hack defense firms, govt orgs. (to the original material)

- Fake Microsoft Store, Spotify sites spread info-stealing malware. (to the original material)

- Hundreds of networks reportedly hacked in Codecov supply-chain attack. (to the original material)

- North Korean hackers adapt web skimming for stealing Bitcoin. (to the original material)

- Number of users of software-based facial recognition for payments to surge. (to the original material)

- Employees don’t want to give up work flexibility after the pandemic is over. (to the original material)

- Even though critical, web application security is getting less attention. (to the original material)

- CISO’s guide to automating third-party cyber risk management. (to the original material)

- Consumer data protection is a high priority, but there’s still work to be done. (to the original material)

- Facebook Messenger users targeted by a large-scale scam. (to the original material)

19.04.2021 - News from cyber security.

- 19th April – Threat Intelligence Report. (to the original material)

- Are you spring cleaning? Don't forget your fingerprint. (to the original material)

- Geico data breach exposed customers' driver's license numbers. (to the original material)

- Google Alerts continues to be a hotbed of scams and malware. (to the original material)

- Vulnerability Summary for the Week of April 12, 2021. (to the original material)

- Organizations Embrace Consolidation Strategies to Combat Surge in Sophisticated Attacks. (to the original material)

- Bad bot traffic reaching an all-time high over the past year. (to the original material)

- Five steps to get employees invested in security awareness training. (to the original material)

- Payment transaction volume using 3-D Secure protocol grows globally. (to the original material)

- Your ultimate guide to CISSP exam planning. (to the original material)

- COVID-19-themed cyberattack detections continue to surge. (to the original material)

- Improper cloud IAM (Identity and Access Management) leaving organizations at risk. (to the original material)

- Digital business requires a security-first mindset. (to the original material)

18.04.2021 - News from cyber security.

- WordPress may automatically disable Google FLoC (Federated Learning of Cohorts) on websites. (to the original material)

- Discord Nitro gift codes now demanded as ransomware payments. (to the original material)

- US sanctions cryptocurrency addresses linked to Russian cyberactivities. (to the original material)

- Week in review: New DNS vulnerabilities, benefits of cyber threat intelligence, FBI removes web shells. (to the original material)

17.04.2021 - News from cyber security.

- Microsoft fixes Windows 10 bug that can corrupt NTFS drives. (to the original material)

- Ryuk ransomware operation updates hacking techniques. (to the original material)

- Major BGP leak disrupts thousands of networks globally. (to the original material)

16.04.2021 - News from cyber security.

- WordPress Releases Security and Maintenance Update. (to the original material)

- One in six people use their pet's name as their password. (to the original material)

- The Week in Ransomware - April 16th 2021 - The Houston Rockets. (to the original material)

- Popular Codecov code coverage tool hacked to steal dev credentials. (to the original material)

- HackBoss malware poses as hacker tools on Telegram to steal digital coins. (to the original material)

- The enterprise eGRC (enterprise Governance, Risk and Compliance) market is expected to grow. (to the original material)

- 49% of employees prefer a hybrid work arrangement. (to the original material)

- Consumers worry about the cybersecurity of connected vehicles. (to the original material)

- Infection Monkey: Open source tool allows zero trust assessment of AWS environments. (to the original material)

- The parallels of pandemic response and IoT security. (to the original material)

- Protecting the human attack surface from the next ransomware attack. (to the original material)

15.04.2021 - News from cyber security.

- A New Standard for Mobile App Security. (to the original material)

- CISA and CNMF Analysis of SolarWinds-related Malware. (to the original material)

- UK and US call out Russia for SolarWinds compromise. (to the original material)

- NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks. (to the original material)

- Google Releases Security Updates for Chrome. (to the original material)

- Juniper Networks Releases Security Updates. (to the original material)

- NAME:WRECK DNS Vulnerabilities. (to the original material)

- Exchange server critical vulnerabilities. (to the original material)

- Celsius email system breach leads to phishing attack on customers. (to the original material)

- Mozilla drops Firefox support on Amazon Fire TV. (to the original material)

- US government confirms Russian SVR behind the SolarWinds hack. (to the original material)

- NSA: Top 5 vulnerabilities actively abused by Russian govt hackers. (to the original material)

- Microsoft Continues to be Most Imitated Brand for Phishing Attempts in Q1 2021. (to the original material)

- 48% of IT leaders accelerated automation projects. (to the original material)

- The impact of the pandemic on AML (Anti-Money Laundering) compliance and fraud strategies. (to the original material)

- Advice for aspiring threat hunters, investigators, and researchers from the old town folk. (to the original material)

- The future of touchless visitor management lies with biometrics. (to the original material)

- Machine learning-powered cybersecurity depends on good data and experience. (to the original material)

- Open source security, license compliance, and maintenance issues are pervasive in every industry. (to the original material)

14.04.2021 - News from cyber security.

- Rust in the Linux kernel. (to the original material)

- Security updates released for Microsoft Exchange Servers. (to the original material)

- Threat Actors Targeting Cybersecurity Researchers. (to the original material)

- Apply Microsoft April 2021 Security Update to Mitigate Newly Disclosed Microsoft Exchange Vulnerabilities. (to the original material)

- SAP fixes critical bugs in Business Client, Commerce, and NetWeaver. (to the original material)

- Second Google Chrome zero-day exploit dropped on twitter this week. (to the original material)

- Vivaldi, Brave, DuckDuckGo reject Google's FLoC ad tracking tech. (to the original material)

- What you need to know to avoid Instagram scams. (to the original material)

- Activision warns of trojans with remote access rights in cheat tools for "Call of Duty". (to the original material)

- Europe data center market to grow steadily by 2026. (to the original material)

- Despite higher workloads, risk managers have high levels of job satisfaction. (to the original material)

- 330 million people across 10 countries were victims of cybercrime in 2020. (to the original material)

- Detection capabilities improve, but ransomware surges on. (to the original material)

- DDoS attack activity: 10 million-plus attacks and 22% increase in attack frequency. (to the original material)

- Get your firm to say goodbye to password headaches. (to the original material)

- FBI removes web shells from hacked Microsoft Exchange servers. (to the original material)

13.04.2021 - News from cyber security.

- Google Releases Security Updates for Chrome. (to the original material)

- SAP Releases April 2021 Security Updates. (to the original material)

- Adobe Releases Security Updates. (to the original material)

- Clubhouse, back in the spotlight after user data was published online. (to the original material)

- FBI nuked web shells from hacked Exchange Servers without telling owners. (to the original material)

- Capcom: Ransomware gang used old VPN device to breach the network. (to the original material)

- CISA gives federal agencies until Friday to patch Exchange servers. (to the original material)

- NSA discovers critical Exchange Server vulnerabilities, patch now. (to the original material)

- New Linux, macOS malware hidden in fake Browserify NPM package. (to the original material)

- Microsoft April 2021 Patch Tuesday fixes 108 flaws, 5 zero-days. (to the original material)

- QBot malware is back replacing IcedID in malspam campaigns. (to the original material)

- Adobe fixes critical vulnerabilities in Photoshop and Digital Editions. (to the original material)

- Watch out for this W-2 phishing scam targeting the 2021 tax season. (to the original material)

- NAME:WRECK DNS vulnerabilities affect over 100 million devices. (to the original material)

- Security for Entertainment IoT. (to the original material)

- March 2021’s Most Wanted Malware: IcedID Banking Trojan Enters Top 10 Following Covid-Related Campaign. (to the original material)

- Cybersecurity guide for the hospitality industry. (to the original material)

- New DNS vulnerabilities have the potential to impact millions of devices. (to the original material)

- How to address post-pandemic infrastructure pain points. (to the original material)

- XDR (eXtended Detection and Response) and MDR (Managed Detection and Response): What’s the difference and why does it matter? (to the original material)

12.04.2021 - News from cyber security.

- 12th April – Threat Intelligence Report. (to the original material)

- Updates on Microsoft Exchange Server Vulnerabilities. (to the original material)

- Google Chrome, Microsoft Edge zero-day vulnerability shared on Twitter. (to the original material)

- CS:GO, Valve Source games vulnerable to hacking using Steam invites. (link material universal)

- Dutch supermarkets run out of cheese after ransomware attack. (to the original material)

- Pulse Secure VPN users can't login due to expired certificate. (to the original material)

- Vulnerability Summary for the Week of April 5, 2021. (to the original material)

- Cloudified Data Centers are the New Normal. (to the original material)

- Check Point’s Mobile Security Report 2021: Almost Every Organization Experienced a Mobile-related Attack in 2020. (to the original material)

- Bitdefender 2020 Consumer Threat Landscape Report – Attackers increasingly target the human level. (to the original material)

- CFOs focused on growth, investing for the future. (to the original material)

- Scientists develop quantum machine learning methods for reasoning. (to the original material)

- Increasing need for ITOps process automation due to digital transformation. (to the original material)

- The benefits of cyber threat intelligence. (to the original material)

- The SOC (Security Operations Center) is blind to the attackable surface. (to the original material)

- Using Salesforce? Here are 5 security and compliance considerations. (to the original material)

- Securing an online marketplace through the COVID-19-fueled boom. (to the original material)

11.04.2021 - News from cyber security.

- Mozilla flooded with requests after Apple privacy changes hit Facebook. (to the original material)

- Week in review: SAP apps under attack, Zero Trust creator talks, Patch Tuesday forecast. (to the original material)

10.04.2021 - News from cyber security.

- Joker malware infects over 500,000 Huawei Android devices. (to the original material)

- Android malware found embedded in APKPure store application. (to the original material)

09.04.2021 - News from cyber security.

- More Master's degrees at UK universities recognised by cyber security experts. (to the original material)

- Paws-word change recommended on National Pet Day. (to the original material)

- The Week in Ransomware - April 9th 2021 - Massive ransom demands. (to the original material)

- Leading cosmetics group Pierre Fabre hit with $25 million ransomware attack. (to the original material)

- Attackers deliver legal threats, IcedID malware via contact forms. (to the original material)

- World's largest pathologists association discloses credit card incident. (to the original material)

- Zerodium triples WordPress remote code execution exploit payout. (to the original material)

- Researchers earn $1,2 million for exploits demoed at Pwn2Own 2021. (to the original material)

- “The WAF (Web Application Firewall) Is Dead” (and we know who did it). (to the original material)

- How global markets are adopting real-time payments. (to the original material)

- Remote work: One of the legacies of the pandemic. (to the original material)

- Most organizations have already migrated to a cloud VPN. (to the original material)

- Cybersecurity threats and cybercrime trends of 2020. (to the original material)

- Having a cybersecurity training program in place isn’t enough to ensure cyber safety. (to the original material)

- New infosec products of the week: April 9, 2021. (to the original material)

- April 2021 Patch Tuesday forecast: Security best practices. (to the original material)

08.04.2021 - News from cyber security.

- Alert: Critical risk to unpatched Fortinet VPN devices. (to the original material)

- Using Aviary to Analyze Post-Compromise Threat Activity in M365 Environments. (to the original material)

- Cisco Releases Security Updates for Multiple Products. (to the original material)

- $38 million worth of gift cards stolen and sold on the dark web. (to the original material)

- The number of ransomware attacks has increased almost sixfold in the pandemic. (to the original material)

- CISA releases tool to review Microsoft 365 post-compromise activity. (to the original material)

- Google Chrome blocks port 10080 to stop NAT Slipstreaming attacks. (to the original material)

- Over 600,000 stolen credit cards leaked after Swarmshop hack. (to the original material)

- Belden says health benefits data stolen in 2020 cyberattack. (to the original material)

- Microsoft releases a cyberattack simulator - Shall we play a game? (to the original material)

- Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall. (to the original material)

- Microsoft Office 365 phishing evades detection with HTML Lego pieces. (to the original material)

- North Korean hackers use new Vyveva malware to attack freighters. (to the original material)

- Tech support scammers lure victims with fake antivirus billing emails. (to the original material)

- Deliver Security and Trust to IoT, with this IoT Security Guide by IDC. (to the original material)

- Financial organizations struggling to secure data in the cloud. (to the original material)

- 68% of construction executives have no cybersecurity measures in place. (to the original material)

- Fraudulent purchase attempts value increased 69% in 2020. (to the original material)

- Businesses shifting to remote work need to focus on securing endpoint devices. (to the original material)

- Cybercriminals are using Telegram bots, Google Forms to gather stolen user data. (to the original material)

- A rush to remote working leaving businesses vulnerable to cybercriminals. (to the original material)

- Cloud-native watering hole attack: Simple and potentially devastating. (to the original material)

- 4 things you can do to minimize cyberattacks on supply and value chains. (to the original material)

- Office 365 phishing campaign uses publicly hosted JavaScript code. (to the original material)

07.04.2021 - News from cyber security.

- 5 reasons why financial companies and more are struggling with cyber security. (to the original material)

- VISA: Hackers increasingly using web shells to steal credit cards. (to the original material)

- REvil ransomware now changes password to auto-login in Safe Mode. (to the original material)

- Cisco fixes bug allowing remote code execution with root privileges. (to the original material)

- New Cring ransomware hits unpatched Fortinet VPN devices. (to the original material)

- Google Forms and Telegram abused to collect phished credentials. (ling material original)

- Gigaset Android phones infected by malware via hacked update server. (to the original material)

- Microsoft's Windows 10, Exchange, and Teams hacked at Pwn2Own. (to the original material)

- Facebook attributes 533 million users' data leak to "scraping" not hacking. (to the original material)

- Android malware infects wannabe Netflix thieves via WhatsApp. (to the original material)

- The Nightmares of Patch Management: The Status Quo and Beyond. (to the original material)

- Autoreply attack! New Android malware found in Google Play Store spreads via malicious auto-replies to WhatsApp messages. (to the original material)

- Phone numbers and profile information of 533 million Facebook users stolen and published online. (to the original material)

- IT security budgets to increase over the next 12 months. (to the original material)

- Not all eSignature solutions are necessarily right for business. (to the original material)

- Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT. (to the original material)

- People are the weakest link in data breaches, but can they be held accountable? (to the original material)

- SASE or zero trust? Why security teams should be using both. (to the original material)

- How do I select an attack detection solution for my business? (to the original material)

- Vulnerabilities in ICS-specific backup solution open industrial facilities to attack. (to the original material)

- SAP applications are getting compromised by skilled attackers. (to the original material)

06.04.2021 - News from cyber security.

- Rust in the Linux kernel. (to the original material)

- Malicious Cyber Activity Targeting Critical SAP Applications. (to the original material)

- Windows XP makes ransomware gangs work harder for their money. (to the original material)

- Have I Been Pwned adds search for leaked Facebook phone numbers. (to the original material)

- European Commission, other EU orgs recently hit by cyber-attack. (to the original material)

- Hacker sells $38M worth of gift cards from thousands of shops. (to the original material)

- Ransomware hits TU (Technological University) Dublin and National College of Ireland. (to the original material)

- Facebook data leak now under EU data regulator investigation (to the original material)

- Ongoing attacks are targeting unsecured mission-critical SAP apps. (to the original material)

- EtterSilent maldoc builder used by top cybercriminal gangs. (to the original material)

- 99% of security pros concerned about their IoT (Internet of Things) and IIoT (Industrial Internet of Things) security. (to the original material)

- 58% of IT and security pros concerned about security in the cloud. (to the original material)

- MindAPI makes API security research and testing easier. (to the original material)

- Review: Group-IB Threat Hunting Framework. (to the original material)

- Zero Trust creator talks about implementation, misconceptions, strategy. (to the original material)

05.04.2021 - News from cyber security.

- 5th April – Threat Intelligence Report. (to the original material)

- 7 steps to secure your Twitter account. (to the original material)

- Adult content from hundreds of OnlyFans creators leaked online. (to the original material)

- Return to Sender: Preventing Ransomware While Working From Home. (to the original material)

- Vulnerability Summary for the Week of March 29, 2021. (to the original material)

- Supply chain attacks: what we know about the SolarWinds ‘Sunburst’ exploit, and why it still matters. (to the original material)

- As online fraud rises, 72% of retail brands expect to grow fraud teams. (to the original material)

- Number of eSIMs installed in connected devices to reach 3.4B in 2025. (to the original material)

- The impact of the CCPA on companies’ privacy practices. (to the original material)

- We must crush digital misinformation before it destroys society. (to the original material)

- Encryption is either secure or it’s not – there is no middle ground. (to the original material)

04.04.2021 - News from cyber security.

- How to check if your info was exposed in the Facebook data leak. (to the original material)

- Sierra Wireless resumes production after ransomware attack. (to the original material)

- Week in review: PHP supply chain attack, common zero trust traps, hardening CI/CD pipelines. (to the original material)

03.04.2021 - News from cyber security.

- APT exploitation of Fortinet Vulnerabilities. (to the original material)

- Malware attack is preventing car inspections in eight US states. (to the original material)

- 533 million Facebook users’ phone numbers leaked on hacker forum. (to the original material)

- Most loved programming language Rust sparks privacy concerns. (to the original material)

- Ransomware gang leaks data from Stanford, Maryland universities. (to the original material)

- GitHub Actions being actively abused to mine cryptocurrency on GitHub servers. (to the original material)

02.04.2021 - News from cyber security.

- VMware Releases Security Update. (to the original material)

- FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities. (to the original material)

- FBI and CISA warn of state hackers attacking Fortinet FortiOS servers. (to the original material)

- Brown University hit by cyberattack, some systems still offline. (to the original material)

- Asteelflash electronics maker hit by REvil ransomware attack. (to the original material)

- Popular Twitch AdBlock shuts down after Twitch breaks extension. (to the original material)

- Qualys says Accellion hackers did not breach production systems. (to the original material)

- Capital One notifies more clients of SSNs exposed in 2019 data breach. (to the original material)

- Ransomware gang wanted $40 million in Florida schools cyberattack. (to the original material)

- GitHub Arctic Vault likely contains leaked MedData patient records. (to the original material)

- MacKenzie Scott Grant scam more widespread than initially thought. (to the original material)

- The authentication and brand protection market to reach $3.7 billion by 2026. (to the original material)

- Mobile providers exposing sensitive data to leakage and theft. (to the original material)

- Encrypted method that measures encounters could slow down or prevent future pandemics. (to the original material)

- 5 key cybersecurity risks in 2021, and how to address them now. (to the original material)

- New infosec products of the week: April 2, 2021. (to the original material)

- Death, taxes, and hacks: How to prevent cyberattacks during tax season. (to the original material)

01.04.2021 - News from cyber security.

- Are you ready to prevent data loss? (to the original material)

- US DOJ: Phishing attacks use vaccine surveys to steal personal info. (to the original material)

- Coinhive domain repurposed to warn visitors of hacked sites, routers. (to the original material)

- VMware fixes authentication bypass in data center security software. (to the original material)

- Ubiquiti confirms extortion attempt following security breach. (to the original material)

- Cloud technology adoption gap between internal audit and other enterprise functions to narrow. (to the original material)

- Why passwords are to blame for loss of revenue, identity attrition and poor customer experiences. (to the original material)

- SolarWinds breach severity perception increasing over time. (to the original material)

- The growing threat to CI/CD (Continuous Integration/ Continuous Delivery) pipelines. (to the original material)

- Want to get around a CAPTCHA? That’ll be 0.00094c, please. (to the original material)

- VMware patches critical vRealize Operations flaws that could lead to RCE. (to the original material)


Archive:

Click here to access archive content.
Click here to access CMS (Content Management System) in Joomla.

Source:

Click here to access to documentation sources.

Note Dorin M.

This site has a double form, one in HTML and one in Joomla (if you are interested in the utility behind this effort you can read the "Why  a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.

Dorin M - April 30, 2021