Study - Technical - LMS-SFC (EN) - Cyber Security - News Archive December 2021

Cyber Security - News Archive

December 2021

31.12.2021 - News from Cyber Security.

- Supply chains, ransomware, zero trust and other security predictions for 2022. (to the original material)

- Exploring the curent state of cybersecurity resilience. (to the original material)

- The pandemic is changing technology solutions for the future of work. (to the original material)

- Top 10 Computer Weekly downtime upload podcasts of 2021. (to the original material)

- Top 10 crime, national security and law stories of 2021. (to the original material)

- 2021 review: The main channel themes. (to the original material)

- Top 10 startup stories of 2021. (to the original material)

- Pulse TV discloses potential compromise of 200,000 credit cards. (to the original material)

- Top 10 healthcare breaches in the U.S. exposed data of 19 million. (to the original material)

- Netgear leaves vulnerabilities unpatched in Nighthawk router. (to the original material)

- Block this now: Cobalt Strike and other Red-team tools. (to the original material)

30.12.2021 - News from Cyber Security.

- Cybersecurity News of the Week (30.12.2021). (to the original material)

- 22 cybersecurity statistics to know for 2022. (to the original material)

< Forrester as cybersecurity incident response services provider. (to the original material)

- 5 common gift card scams and how to spot them. (to the original material)

- Emotet now drops Cobalt Strike, fast forwards ransomware attacks. (to the original material)

- Grafana fixes zero-day vulnerability after exploits spread over Twitter. (to the original material)

- Alleged ransomware affiliate arrested for healthcare attacks. (to the original material)

- U.S. universities targeted by Office 365 phishing attacks. (to the original material)

- New Cerber ransomware targets Confluence and GitLab servers. (to the original material)

- Google disrupts massive Glupteba botnet, sues Russian operators. (to the original material)

- 27 flaws in USB-over-network SDK affect millions of cloud users. (to the original material)

- German security company G DATA has launched a STOP ransomware vaccine released to block encryption. (to the original material)

- QNAP warns users of bitcoin miner targeting their NAS devices. (to the original material)

- Twitter bots pose as support staff to steal your cryptocurrency. (to the original material)

- Nordic Choice Hotels hit by Conti ransomware, but there is no ransom demand yet. (to the original material)

- Below the Surface: Bot Attacks: Top threats and trends (to the original material)

- Omicron scam targets universities. (to the original material)

- Vulnerabilities found in GOautodial. (to the original material)

- Just 3% of UK firms escaped a supply chain breach in 2021. (to the original material)

- 96% of ransomware victims who paid the ransom agree to pay additional extortion fees. (to the original material)

- UK's poor cyber risk planning could "wreak havoc". (to the original material)

- The technical support during the holidays guide: Repair and strengthen the family's router. (to the original material)

- Most security leaders worry traditional approach doesn't shield again supply chain attacks. (to the original material)

- Why a password manager could be your most vital security tool. (to the original material)

- First Circuit affirms school's punishment of students for online social media posts. (to the original material)

- Pay a hacker, save a life. (to the original material)

- Microsoft Whac-A-Moles websites of Chinese hackers APT15 ("Nickel"). (to the original material)

- The Linux Foundation embraces CASE for cyber security forensics. (to the original material)

- Cloud protection over bifurcated network security. (to the original material)

- Charitable giving sector a major cyberattack target. (to the original material)

- Cambridge Quantum launches cryptographic key service. (to the original material)

06.12.2021 - News from Cyber Security.

- Zoho releases security advisory for ManageEngine Desktop Central and Desktop Central MSP. (to the original material)

- CISA releases security advisory on WebHMI vulnerabilities. (to the original material)

- Vulnerabilities summary for the week of November 29, 2021. (to the original material)

- Kafdrop flaw allows data from Kafka clusters to be exposed internet-wide. (to the original material)

- Making robotics security a top priority. (to the original material)

- 2022 and the threat landscape: The top 5 future cybersecurity challenges. (to the original material)

- Fraudulent e-commerce transactions spiked between Thanksgiving and Cyber Monday. (to the original material)

- Cybercrime supply chain: Fueling the rise in ransomware. (to the original material)

- How proactive are companies when managing data? (to the original material)

- Increased connectivity: What's in store for 2022? (to the original material)

- Quantum computing market to reach $8.6 billion in 2027. (to the original material)

- What are buffer overflow attacks and how are they thwarted? (to the original material)

- Microsoft seizes sites used by APT15 Chinese state hackers. (to the original material)

- France warns of Nobelium cyberspies attacking French organizations. (to the original material)

- Hundreds of SPAR (chain of shops in the north of England) stores shut down, switching to cash after cyberattack. (to the original material)

- WhatsApp adds default disappearing messages for new chats. (to the original material)

- Securing the everywhere cloud. (to the original material)

- Prison for Newstar Enterprise websites administrator, money launderer. (to the original material)

- Cyberattack shutting down the work of several SPAR convenience stores in UK. (to the original material)

- BitMart confirms $150 million crypto theft. (to the original material)

- Cuba ransomware network extort nearly $50 million. (to the original material)

- Nine State Department officials had their iPhones hacked, hijacked by spyware. (to the original material)

- Romance fraudster pleads guilty to charges of fraud and online money laundering in the case of 670 female victims. (to the original material)

- WooCommerce credit card swiper injected into random plugin files. (to the original material)

- How federal agencies can thwart nation-state attacks. (to the original material)

- Home routers are full of security bugs - patch now. (to the original material)

- Ikea Reply Chain Attack spotlights need for security boost. (to the original material)

- Your CEO isn't real: How to deal with deep fakes. (to the original material)

- Interview with Nathan Collins – PAVilion. (to the original material)

05.12.2021 - News from Cyber Security.

- Beware of SIM swap fraud. (to the original material)

- Convincing Microsoft phishing uses fake Office 365 spam alerts. (to the original material)

- As Twitter removes blue badges for many, phishing campaign targets verified accounts. (to the original material)

- Week in review: 150+ HP multifunction printers open to attack, how to combat ransomware with visibility. (to the original material)

- Russian hacking group (Nobelium) uses new Ceeloader malware. (to the original material)

- Malicious Excel XLL add-ins distribute RedLine password-stealing malware. (to the original material)

- Persuasive Phishing Microsoft uses fake Office 365 spam alerts. (to the original material)

- As Twitter removes the blue badges for many, phishing targets verified accounts. (to the original material)

- Enterprise security leaders think traditional methods aren't meeting modern threats. (to the original material)

- Software developers at biggest risk of cybersecurity breaches. (to the original material)

- New report identifies malicious activity "hotspots". (to the original material)

- Meta explains why it is taking so long to bring end-to-end encryption to Facebook Messenger and Instagram – and what it is doing in the meantime. (to the original material)

- Why remote workforces needs better strategies for security and data protection (Q&A). (to the original material)

04.12.2021 - News from Cyber Security.

- Malicious KMSPico installers steal your cryptocurrency wallets. (to the original material)

- Many businesses still refuse to shake legacy systems and processes. (to the original material)

- Mid-market businesses are particularly ill-equipped to shield against attacks. (to the original material)

- B2B are getting cold feet on buying decisions. (to the original material)

- Many workers are fed up with faulty IT kits. (to the original material)

- Google Cloud hacks mostly used for illegal cryptomining. (to the original material)

- Malware gets more sophisticated and is more likely to demand a ransom. (to the original material)

- International Computer Security Day seeks to raise awareness. (to the original material)

- Vulnerabilities found in HP multi-function printers. (to the original material)

- Zoom boosts security with automatic updates for Windows and macOS – but Linux users miss out. (to the original material)

- Telehealth takes off, but cybersecurity concerns persist. (to the original material)

- 0patch beats Microsoft to fix serious local privilege escalation vulnerability in Windows. (to the original material)

03.12.2021 - News from Cyber Security.

- 7 arrested in Malta on suspicion of illegal money transfers. (to the original material)

- Going with all the acceleration in terms of cybersecurity certification and the market. (to the original material)

- Determined APT group exploits ManageEngine SeviceDesk Plus vulnerability (CVE-2021-44077). (to the original material)

- New InfoSec products of the week: December 3, 2021. (to the original material)

- Major trends in online identity verification for 2022. (to the original material)

- Tor2Mine cryptominer has evolved: Just patching and cleaning the system won't help. (to the original material)

- Phishing kits' favorite brand? Amazon. (to the original material)

- Top technological trends for 2022. (to the original material)

- Enterprises are embracing the multicloud, turning to providers for strategy. (to the original material)

- SMS firewalls revenue to reach $4.1 billion in 2026. (to the original material)

- The Week in ransomware - December 3, 2021 - Seizing Bitcoin. (to the original material)

- U.S. State Dept employees' phones hacked using NSO spyware. (to the original material)

- Fake support agents call victims to install Android banking malware. (to the original material)

- FBI: Cuba ransomware breached 49 US critical infrastructure organizations. (to the original material)

- Researchers discover 14 new data-stealing web browser attacks. (to the original material)

- Zoho: Patch new ManageEngine bug exploited in attacks ASAP. (to the original material)

- Ex Ubiquiti developer arrested for data theft. (to the original material)

- UK Government fined over honors list data breach. (to the original material)

- The U.S. develops cybersecurity directives for airlines and rails. (to the original material)

- Twitter and Meta Tackle Anti-Vaxxers and Chinese disinformation. (to the original material)

- Misconfigured database leaks info on 150,000 e-commerce buyers. (to the original material)

- Omicron phishing campaign hits users' inboxes. (to the original material)

- Threat Roundup for November 26 to December 3. (to the original material)

- Talos Takes, ep. 79: Emotet's back with the worst type of holiday present. (to the original material)

- Week in security with Tony Anscombe. (to the original material)

- Scammers exploit Omicron fears in new Covid-19 phishing campaign. (to the original material)

- Is my site hacked? 4 Gut checks. (to the original material)

- $150 million stolen in "imaginary money" crypto/DeFi hacks. (to the original material)

- Is artificial intelligence (AI) the future of cybersecurity? (to the original material)

- Widespread threats target automotive companies. (to the original material)

- Interview with Ivan Spencer-Phillips – Astaris. (to the original material)

- Interview with Jay Akin – Mushroom Networks. (to the original material)

- Interview with Tunio Zafer – pCloud. (to the original material)

- Interview with Hen Lamay – Deceptive Bytes. (to the original material)

02.12.2021 - News from Cyber Security.

- CISA and FBI release alert on active exploitation of CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus. (to the original material)

- Mozilla releases security updates for network security services. (to the original material)

- NSA and CISA release Part III of guidance on securing 5G cloud infrastructures. (to the original material)

- Cybersecurity news of the week (02.12.2021). (to the original material)

- Exploring container security: A storage vulnerability deep dive. (to the original material)

- Acra: Open-source database protection with field-level encryption and intrusion detection. (to the original material)

- The importance of vulnerability management for your organization. (to the original material)

- How phishing kits are enabling a new legion of pro phishers. (to the original material)

- Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling. (to the original material)

- Malware variants in 2021: Harder to detect and respond to. (to the original material)

- Railway cyber risk management: Raising awareness on relevant threats. (to the original material)

- The 5G market is about to take off: What to expect in 2022 and beyond. (to the original material)

- Phishing actors start exploiting the Omicron Covid-19 variant. (to the original material)

- Twitter removes 3,400 accounts used in government propaganda campaigns. (to the original material)

- Hackers use the in-house Zoho ServiceDesk exploit to drop webshells. (to the original material)

- Russian internet watchdog announces ban of six more VPN products. (to the original material)

- Nine WiFi routers used by millions of people were vulnerable to 266 flaws. (to the original material)

- New malware hides as legit nginx process on e-commerce servers. (to the original material)

- Phishing scam targets military families. (to the original material)

- Holiday season fraud fear higher this year. (to the original material)

- Police arrest 1,800 people in major money laundering crackdown. (to the original material)

- The leader of the Russian Bulletproof hosting Kingpin gets 5 years in prison. (to the original material)

- Double extortion ransomware victims soar 935%. (to the original material)

- Threat source newsletter (December 2, 2021). (to the original material)

- Magnat campaigns use malvertising to deliver information stealer, backdoor and malicious Chrome extensions. (to the original material)

- Technical support during the holidays guide: Checking your family's computer. (to the original material)

- How to outplay the ransomware Playbook. (to the original material)

- Security hygiene and posture management remain challenging. (to the original material)

01.12.2021 - News from Cyber Security.

- CISA adds five known exploited vulnerabilities to Catalog. (to the original material)

- Over 300,000 users downloaded malware droppers from Google Play. (to the original material)

- The ripple effect: Why protection against supply chain attacks is a must. (to the original material)

- Despite the popularity of password managers, many still use pen and paper. (to the original material)

- Control failures are behind a growing number of cybersecurity incidents. (to the original material)

- Alarming rise in cyberattacks against healthcare facilities, 68 attacks in the third quarter of 2021 only. (to the original material)

- How can businesses realize the true value of digital transformation? (to the original material)

- InfoSec products of the month: November 2021. (to the original material)

- Microsoft Exchange servers hacked to deploy BlackByte ransomware. (to the original material)

- Europol: 18,000 money mules caught laundering money from online fraud. (to the original material)

- VirusTotal collection feature helps keep neat IoC (Indicator of Compromise) lists. (to the original material)

- State-backed hackers increasingly use RTF (Rich Text Format) injection for phishing. (to the original material)

- Malicious Android app steals Malaysian bank credentials and MFA codes. (to the original material)

- Mozilla fixes critical bug in the cross-platform cryptography library. (to the original material)

- Twitter to remove the images of people posted without the consent of the subject in private media. (to the original material)

- Organizations now have 76 security tools to manage. (to the original material)

- HP printer hijack bugs impact 150 models. (to the original material)

- Head of MI6: Digital attack surface growing "exponentially". (to the original material)

- Vulnerabilities Spotlight: Use-after-free condition in Google Chrome could lead to code execution. (to the original material)

- Jumping the air gap: 15 years of nation-state effort. (to the original material)

- Planned Parenthood LA discloses data breach after ransomware attack. (to the original material)

- Emotet now spreads via Adobe Windows app installer fake packages. (to the original material)

- Former Ubiquiti developer charged with trying to extort his employer. (to the original material)

- The founder of Bulletproof Hosting imprisoned for help cybercrime gangs. (to the original material)

- WordPress Admin Creator – A simple but effective attack. (to the original material)

- PrivSec Global: Why the Council of Europe's police surveillance treaty is a pernicious influence on Latam legal privacy frameworks. (to the original material)

- Facebook's secret "Dangerous Organizations and Individuals" list creates problems for the company - and its users. (to the original material)

- The Internet needs fair rules of the road - and competitive drivers. (to the original material)

- AI/ML powered automation: The future of cybersecurity at scale. (to the original material)

- How to proactively remove file-based malware. (to the original material)

- Improving cybersecurity with MITRE ATT&CK framework. (to the original material)

Archive:

Click here to access archive content.
Click here to access CMS (Content Management System) in Joomla.

Source:

Click here to access to documentation sources.

Note Dorin M.

This site has a double form, one in HTML and one in Joomla (if you are interested in the utility behind this effort you can read the "Why a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.

Dorin M - December 31, 2021