Cyber Security - News Archive

July 2021


- DarkSide ransomware gang returns as new BlackMatter operation. (to the original material)

- BlackMatter ransomware gang rises from the ashes of DarkSide, REvil. (to the original material)

- FBI warns investors of fraudsters posing as brokers and advisers. (to the original material)

- Remote print server gives anyone Windows admin privileges on a PC. (to the original material)

- CISA Announces Vulnerability Disclosure Policy (VDP) Platform. (to the original material)

- NSA Releases Guidance on Securing Wireless Devices While in Public. (to the original material)

- DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices. (to the original material)

- The Week in Ransomware - July 30th 2021 - €1 billion saved. (to the original material)

- Node.js fixes severe HTTP bug that could let attackers crash apps. (to the original material)

- Amazon gets $888 million GDPR fine for behavioral advertising. (to the original material)

- Linux eBPF bug gets root privileges on Ubuntu - Exploit released. (to the original material)

- Google to block logins on old Android devices starting September. (to the original material)

- PyPI packages caught stealing credit card numbers, Discord tokens. (to the original material)

- Cybersecurity news of the week (29.07.2021). (to the original material)

- 22 cyber security projects have been selected by the European Commission to receive funding of 10.9 million euros. (to the original material)

- APT trends report Q2 2021. (to the original material)

- Understanding the increase in Supply Chain Security Attacks. (to the original material)

- Massive wave of blackmail emails in Romania - hackers ask for $1,250 each not to publish compromising images of victims. (to the original material)

- Estonia arrests hacker who stole 286K ID scans from govt database. (to the original material)

- NSA shares guidance on how to secure your wireless devices. (to the original material)

- New destructive Meteor wiper malware used in Iranian railway attack. (to the original material)

- Chipotle’s marketing account hacked to send phishing emails. (to the original material)

- DoppelPaymer ransomware gang rebrands as the Grief group. (to the original material)

- Protecting the hybrid work scenario by adopting Zero Trust security. (to the original material)

- Influenced by the pandemic, data breach costs hit a record high, IBM report shows. (to the original material)

- Ransomware surged 93% in last 6 months fueled by triple extortion. (to the original material)

- Islands of Telecom: Risks in IT. (to the original material)

- Infosecurity Magazine suffering ‘significant’ DDoS attack. (to the original material)

- DDoS attacks in Q2 2021. (to the original material)

- Top Routinely Exploited Vulnerabilities. (to the original material)

- UK and allies publish advice to fix global cyber vulnerabilities. (to the original material)

- New US security memorandum bolsters critical infrastructure cybersecurity. (to the original material)

- Biden: Severe cyberattacks could escalate to 'real shooting war'. (to the original material)

- Google Play Protect fails Android security tests once more. (to the original material)

- Google: Android apps must provide privacy information by April 2022. (to the original material)

- Critical Microsoft Hyper-V bug could haunt orgs for a long time. (to the original material)

- FBI reveals top targeted vulnerabilities of the last two years. (to the original material)

- Northern Ireland suspends vaccine passport system after data leak. (to the original material)

- CISA Releases Security Advisory for Geutebruck Devices. (to the original material)

- Apple Releases Security Updates. (to the original material)

- Microsoft Releases Guidance for Mitigating PetitPotam NTLM Relay Attacks. (to the original material)

- A new chapter for Google’s Vulnerability Reward Program. (to the original material)

- Users of popular crypto app Maiar are targeted by SMiShing. (to the original material)

- LockBit ransomware now encrypts Windows domains using group policies. (to the original material)

- UC San Diego Health discloses data breach after phishing attack. (to the original material)

- Google launches new Bug Hunters vulnerability rewards platform. (to the original material)

- Microsoft Teams now automatically blocks phishing attempts. (to the original material)

- Indonesia's BRI Life probes reported data leak of 2M users. (to the original material)

- 26th July – Threat Intelligence Report. (to the original material)

- European Cybersecurity Atlas - The European Cyber Security Atlas. (to the original material)

- Apple fixes zero-day affecting iPhones and Macs, exploited in the wild. (to the original material)

- Telecom & Trust Services Incidents in 2020: System Failures on the Rise. (to the original material)

- Signal fixes bug that sent random images to wrong contacts. (to the original material)

- Microsoft Defender ATP now secures removable storage, printers. (to the original material)

- Researchers warn of unpatched Kaseya Unitrends backup vulnerabilities. (to the original material)

- No More Ransom saves almost €1 billion in ransomware payments in 5 years. (to the original material)

- Vulnerability Summary for the Week of July 19, 2021. (to the original material)

- Fake Windows 11 installers infecting devices with adware, malware. (to the original material)

- Microsoft shares mitigations for new PetitPotam NTLM relay attack. (to the original material)

- New PetitPotam attack allows take over of Windows domains. (to the original material)

- Fake Windows 11 installers now used to infect you with malware. (to the original material)

- MacOS malware steals Telegram accounts, Google Chrome data. (to the original material)

- The Week in Ransomware - July 23rd 2021 - Kaseya decrypted. (to the original material)

- Apple fixes bug that breaks iPhone WiFi when joining rogue hotspots. (to the original material)

- Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows. (to the original material)

- Twitter reveals surprisingly low two-factor auth (2FA) adoption rate. (to the original material)

- A number of popular Wi-Fi routers still use default configuration passwords, making them susceptible to attack. (to the original material)

- Drupal Releases Security Updates. (to the original material)

- Home and office routers come under attack by China state hackers, France warns. (to the original material)

- Kaseya obtains universal decryptor for REvil ransomware victims. (to the original material)

- Akamai DNS global outage takes down major websites, online services. (to the original material)

- Ransomware gang breached CNA’s network via fake browser update. (to the original material)

- MITRE updates list of top 25 most dangerous software bugs. (to the original material)

- Atlassian asks customers to patch critical Jira vulnerability. (to the original material)

- Russia disconnected from global internet in tests. (to the original material)

- Tips for Securing Your Industrial Control Systems with a Safer Operational Technology (OT) Environment. (to the original material)

- The FBI warns that hackers are targeting cryptocurrency reserves and exchanges. (to the original material)

- Five easy steps to strengthen the security of your Google account. (to the original material)

- TikTok, Snapchat account hijacker arrested for role in Twitter hack. (to the original material)

- CISA warns of stealthy malware found on hacked Pulse Secure devices. (to the original material)

- France warns of APT31 cyberspies targeting French organizations. (to the original material)

- Chinese state hackers breached over a dozen US pipeline operators. (to the original material)

- NPM package steals Chrome passwords on Windows via recovery tool. (to the original material)

- Google Chrome now comes with up to 50x faster phishing detection. (to the original material)

- XLoader malware steals logins from macOS and Windows systems. (to the original material)

- Microsoft shares workaround for Windows 10 SeriousSAM vulnerability. (to the original material)

- 2021 CWE Top 25 Most Dangerous Software Weaknesses. (to the original material)

- Malware Targeting Pulse Secure Devices. (to the original material)

- Adobe Releases Security Updates for Multiple Products. (to the original material)

- Adobe Patches 21 Vulnerabilities Across Seven Products. (to the original material)

- Apple Releases Security Updates. (to the original material)

- Google Releases Security Updates for Chrome. (to the original material)

- Hybrid Workplace Vulnerabilities: 4 Ways to Promote Online Safety. (to the original material)

- IoT Security Issues, Threats, and Defenses. (to the original material)

- Protecting more with Site Isolation. (to the original material)

- Advancing an inclusive, diverse security industry. (to the original material)

- DuckDuckGo's new email privacy service forwards tracker-free messages. (to the original material)

- New Windows 10 vulnerability allows anyone to get admin privileges. (to the original material)

- New Linux kernel bug lets you get root on most modern distros. (to the original material)

- FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics. (to the original material)

- 16-year-old bug in printer software gives hackers admin rights. (to the original material)

- Significant Historical Cyber-Intrusion Campaigns Targeting ICS. (to the original material)

- Oracle Releases July 2021 Critical Patch Update. (to the original material)

- Citrix Releases Security Updates. (to the original material)

- Google fixes a Chrome zero-day vulnerability exploited in the wild. (to the original material)

- Fortinet fixes bug letting unauthenticated hackers run code as root. (to the original material)

- New MosaicLoader malware targets software pirates via online ads. (to the original material)

- Thousands of Humana customers have their medical data leaked online by threat actors. (to the original material)

- French prosecutor opens probe after Pegasus spyware complaint. (to the original material)

- TeamTNT Activities Probed - Credential Theft, Cryptocurrency Mining, and More. (to the original material)

- 19th July – Threat Intelligence Report. (to the original material)

- Microsoft takes down domains used to scam Office 365 users. (to the original material)

- Fortinet Releases Security Updates for FortiManager and FortiAnalyzer. (to the original material)

- US indicts members of Chinese-backed hacking group APT40. (to the original material)

- U.S. Government Releases Indictment and Several Advisories Detailing Chinese Cyber Threat Activity. (to the original material)

- UK and allies hold Chinese state responsible for pervasive pattern of hacking. (to the original material)

- Are you on vacation? How to avoid cyber security issues and fears. (to the original material)

- Saudi Aramco data breach sees 1 TB stolen data for sale. (to the original material)

- US and allies officially accuse China of Microsoft Exchange attacks. (to the original material)

- iPhones running latest iOS hacked to deploy NSO Group spyware. (to the original material)

- New Windows print spooler zero day exploitable via remote print servers. (to the original material)

- Vulnerability Summary for the Week of July 12, 2021. (to the original material)

- Ransomware hits law firm counseling Fortune 500, Global 500 companies. (to the original material)

- Comparis customers targeted by scammers after ransomware attack. (to the original material)

- New leak reveals: global governments exploit the Pegasus cyber-surveillance tool. (to the original material)

- HelloKitty ransomware is targeting vulnerable SonicWall devices. (to the original material)

- Ecuador's state-run CNT telco hit by RansomEXX ransomware. (to the original material)

- Remote Identity Proofing: How to spot the Fake from the Real? (to the original material)

- Cisco Releases Security Updates. (to the original material)

- 2021 update on cyber threats to Canada's democratic process. (to the original material), Cyber threats to Canada's democratic process: July 2021 update. (to the original material)

- Cyberattack on Moldova's Court of Accounts destroyed public audits. (to the original material)

- The Week in Ransomware - July 16th 2021 - REvil disappears. (to the original material)

- US govt offers $10 million reward for tips on nation-state hackers. (to the original material)

- D-Link issues hotfix for hard-coded password router vulnerabilities. (to the original material)

- Microsoft Defender for Identity now detects PrintNightmare attacks. (to the original material)

- Critical Cloudflare CDN flaw allowed compromise of 12% of all sites. (to the original material)

- Google patches 8th Chrome zero-day exploited in the wild this year. (to the original material)

- Verifiable design in modern systems. (to the original material)

- Ransomware Risk in Unpatched, EOL SonicWall SRA and SMA 8.x Products. (to the original material), SonicWall devices targeted with ransomware utilising stolen credentials. (to the original material)

- Juniper Networks Releases Security Updates for Multiple Products. (to the original material)

- New stopransomware.gov website - The U.S. Government’s One-Stop Location to Stop Ransomware. (to the original material)

- Ransomware: To Pay or Not to Pay the Ransom? Is it legal or illegal? (to the original material)

- Microsoft shares guidance on new Windows Print Spooler vulnerability. (to the original material)

- Windows print nightmare continues with malicious driver packages. (to the original material)

- Microsoft: Israeli firm used Windows zero-days to deploy spyware. (to the original material)

- WooCommerce fixes vulnerability exposing 5 million sites to data theft. (to the original material)

- Linux version of HelloKitty ransomware targets VMware ESXi servers. (to the original material)

- Software maker removes "backdoor" giving root access to radio devices. (to the original material)

- Brand Phishing Report Q2 2021: Microsoft Continues Reign. (to the original material)

- BazarBackdoor sneaks in through nested RAR and ZIP archives. (to the original material)

- Google Chrome will add HTTPS-First Mode to keep your data safe. (to the original material)

- Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day. (to the original material)

- SonicWall warns of 'critical' ransomware risk to EOL SMA 100 VPN appliances. (to the original material)

- Detonating Ransomware on My Own Computer (Don’t Try This at Home). (to the original material)

- Chinese cyberspies’ wide-scale APT campaign hits Asian govt entities. (to the original material)

- Trickbot updates its VNC module for high-value targets. (to the original material)

- Arrests of members of Tetrade seed groups Grandoreiro and Melcoz. (to the original material)

- CISA Insights: Guidance for MSPs and Small- and Mid-sized Businesses. (to the original material)

- Hybrid Workstyle: What Implications for Cyber Security? (to the original material)

- A group of Romanian hackers mine cryptocurrencies by abusing the devices of victims all over the world. (to the original material)

- REvil ransomware group vanishes after mounting US pressure. (to the original material)

- Why you should change your LinkedIn profile privacy settings. (to the original material)

- Three of the biggest threats Android users face on a daily basis. (to the original material)

- Facebook Clone Wars: How to protect yourself from accounts impersonating you to fool your friends and family. (to the original material)

- Chinese hackers use new SolarWinds zero-day in targeted attacks. (to the original material)

- Amazon starts rolling out Ring end-to-end encryption globally. (to the original material)

- Adobe updates fix 28 vulnerabilities in 6 programs. (to the original material)

- US indicts dark web user 'The Bull' for insider trading. (to the original material)

- Microsoft fixes Windows Hello authentication bypass vulnerability. (to the original material)

- Microsoft July 2021 Patch Tuesday fixes 9 zero-days, 117 flaws. (to the original material)

- CISA orders federal agencies to patch Windows PrintNightmare bug. (to the original material)

- REvil ransomware gang's web sites mysteriously shut down. (to the original material)

- Firefox 90 adds enhanced tracker blocking to private browsing. (to the original material)

- New BIOPASS malware live streams victim's computer screen. (to the original material)

- Citrix Releases Security Updates for Virtual Apps and Desktops. (to the original material)

- SAP Releases July 2021 Security Updates. (to the original material)

- CISA Issues Emergency Directive on Microsoft Windows Print Spooler. (to the original material)

- Microsoft Releases July 2021 Security Updates. (to the original material)

- VMware Releases Security Update. (to the original material)

- Kaseya Ransomware Attack: Guidance and Resources. (to the original material)

- Adobe Releases Security Updates for Multiple Products. (to the original material)

- Mozilla Releases Security Updates for Firefox, Thunderbird. (to the original material)

- SolarWinds Releases Advisory for Serv-U Vulnerability. (to the original material)

- Apache Releases Security Advisory for Tomcat. (to the original material)

- Cybercriminals using Marvel’s Black Widow movie to spread malware. (to the original material)

- Google fined $593 million by French regulator. (to the original material)

- Trends and shifts in the underground N-Day exploit market. (to the original material)

- 12th July – Threat Intelligence Report. (to the original material)

- Kaseya Provides Security Updates for VSA On-Premises Software Vulnerabilities. (to the original material)

- Kaseya VSA Supply-Chain Ransomware Attack. (to the original material)

- Critical ForgeRock Access Management Vulnerability. (to the original material), ForgeRock Open AM critical vulnerability. (to the original material)

- Interpol urges police to unite against 'potential ransomware pandemic'. (to the original material)

- Fashion retailer Guess discloses data breach after ransomware attack. (to the original material)

- SolarWinds patches critical Serv-U vulnerability exploited in the wild. (to the original material)

- Spreadshirt hack: attackers gained access to user data, including bank details and PayPal addresses. (to the original material)

- Vulnerability Summary for the Week of July 5, 2021. (to the original material)

- June 2021’s Most Wanted Malware: Trickbot Remains on Top. (to the original material)

- Kaseya patches VSA vulnerabilities used in REvil ransomware attack. (to the original material)

- Mint Mobile hit by a data breach after numbers ported, data accessed. (to the original material)

- Biden asks Putin to crack down on Russian-based ransomware gangs. (to the original material)

- Microsoft issues patches to fix PrintNightmare zero-day bug. (to the original material)

- The Week in Ransomware - July 9th 2021 - A flawed attack. (to the original material)

- FBI warns cryptocurrency owners, exchanges of ongoing attacks. (to the original material)

- Insurance giant CNA reports data breach after ransomware attack. (to the original material)

- Kaseya warns of phishing campaign pushing fake security updates. (to the original material)

- Microsoft: PrintNightmare security updates work, start patching! (to the original material)

- Three Simple Methods to Secure Your Enterprise IoT Devices. (to the original material)

- REvil victims are refusing to pay after flawed Kaseya ransomware attack. (to the original material)

- Windows security update KB5004945 breaks printing on Zebra printers. (to the original material)

- Morgan Stanley reports data breach after vendor Accellion hack. (to the original material)

- Mozilla Firefox to roll out DNS over HTTPS for Canadian users. (to the original material)

- Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare). (to the original material)

- CISA Releases Analysis of FY20 Risk and Vulnerability Assessments. (to the original material)

- Cisco Releases Security Updates for Multiple Products. (to the original material)

- Email claiming Kaseya patch drops Cobalt Strike malware. (to the original material)

- Four Ways Remote Work Has Impacted IT Security And What You Can Do About It. (to the original material)

- White House urges mayors to review local govts’ cybersecurity posture. (to the original material)

- Tor Browser adds new anti-censorship feature, V2 onion warnings. (to the original material)

- Email fatigue among users opens doors for cybercriminals. (to the original material)

- Fake Kaseya VSA security update backdoors networks with Cobalt Strike. (to the original material)

- Tens of thousands scammed using fake Android cryptomining apps. (to the original material)

- Microsoft: PrintNightmare now patched on all Windows versions. (to the original material)

- 170 fraudulent Android apps scamming cryptocurrency enthusiasts. (to the original material)

- CISA Publishes Malware Analysis Report and Updates Alert on DarkSide Ransomware. (to the original material)

- ForgeRock Open AM critical vulnerability. (to the original material)

- Hackers attack websites of Ukraine's president and security service. (to the original material)

- Microsoft Releases Out-of-Band Security Updates for PrintNightmare. (to the original material)

- CISA Releases Security Advisory for Philips Vue PAC Products. (to the original material)

- Cybercriminals targeting construction companies to conduct email scams. (to the original material)

- US warns of action against ransomware gangs if Russia refuses. (to the original material)

- Hacker dumps private info of pro-Trump GETTR social network members. (to the original material)

- Microsoft 365 to let SecOps lock hacked Active Directory accounts. (to the original material)

- Kaseya: Roughly 1,500 businesses hit by REvil ransomware attack. (to the original material)

- 5th July – Threat Intelligence Report. (to the original material)

- QNAP fixes critical bug in NAS backup, disaster recovery app. (to the original material)

- CISA, FBI share guidance for victims of Kaseya ransomware attack. (to the original material)

- REvil ransomware asks $70 million to decrypt all Kaseya attack victims. (to the original material)

- NCSC statement on Kaseya incident. (to the original material)

- REvil ransomware attack against MSPs and its clients around the world. (to the original material)

- Security keys become the only 2FA method supported on Twitter. (to the original material)

- Vulnerability Summary for the Week of June 28, 2021. (to the original material)

- “Kaseya Attack”: Over 1000 organizations globally attacked on Fourth of July weekend, biggest supply chain attack since Sunburst. (to the original material)

- Why are companies in the SAP S/4HANA transformation holding back? (to the original material)

- REvil is increasing ransoms for Kaseya ransomware attack victims. (to the original material)

- Kaseya was fixing zero-day just as REvil ransomware sprung their attack. (to the original material)

- CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack. (to the original material)

- Week in review: PoC for Windows Print Spooler flaw leaked, conquering synthetic identity fraud. (to the original material)

- The Week in Ransomware - July 2nd 2021 - MSPs under attack. (to the original material)

- Coop supermarket closes 500 stores after Kaseya ransomware attack. (to the original material)

- US chemical distributor shares info on DarkSide ransomware data theft. (to the original material)

- REvil ransomware hits 1,000+ companies in MSP supply-chain attack. (to the original material)

- Actively exploited PrintNightmare zero-day gets unofficial patch. (to the original material)

- Kaseya VSA Supply-Chain Ransomware Attack. (to the original material)

- Microsoft warns of critical PowerShell 7 code execution vulnerability. (to the original material)

- US insurance giant AJG reports data breach after ransomware attack. (to the original material)

- Microsoft shares mitigations for Windows PrintNightmare zero-day bug. (to the original material)

- Decision makers divided about cloud technology adoption. (to the original material)

- Most enterprises started a modernization program due to the pandemic. (to the original material)

- How mobile operators view security in the 5G era. (to the original material)

- How facial recognition solutions can safeguard the hybrid workplace. (to the original material)

- Single page web applications and how to keep them secure. (to the original material)

- Measuring Security Risks in Open Source Software: Scorecards Launches V2. (to the original material)

- Do cybercriminals play cyber games in quarantine? A look one year later. (to the original material)

- NSA-CISA-NCSC-FBI Joint Cybersecurity Advisory on Russian GRU Brute Force Campaign. (to the original material)

- NCSC joins US partners to expose global brute force campaign by Russian Intelligence Services. (to the original material)

- Common Facebook scams and how to avoid them. (to the original material)

- Babuk ransomware is back, uses new version on corporate networks. (to the original material)

- TrickBot cybercrime group linked to new Diavol ransomware. (to the original material)

- VirusTotal ordered to reveal private info of stolen HSE data downloaders. (to the original material)

- CISA: Disable Windows Print Spooler on servers not used for printing. (to the original material)

- NSA: Russian GRU hackers use Kubernetes to run brute force attacks. (to the original material)

- Google Chrome will get an HTTPS-Only Mode for secure browsing. (to the original material)

- Twitter now lets you use security keys as the only 2FA method. (to the original material)

- Cyber Espionage on Afghanistan, Kyrgyzstan and Uzbekistan by Chinese-speaking Hacker Group. (to the original material)

- Employers permanently moving to a more flexible work model. (to the original material)

- Secure AI is the foundation of trustworthy AI. (to the original material)

- Enhancing cloud security with a two-step cryptography technique. (to the original material)

- Industrial facilities progressively at risk of data theft and ransomware attacks. (to the original material)

- Protecting your organizations against BEC and other email attacks. (to the original material)

- Resilience by design: What security pros need to know about microlearning. (to the original material)


Note Dorin M.

This site has a double form, one in HTML and one in Joomla (if you are interested in the utility behind this effort, you can read the "Why a HTML and a CMS (Joomla)" page).
That's why I suggest that, depending on your preference, you use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.

Dorin M - July 31, 2021