In issue #103 of Internet Security Week , scams simulating official government emails, Puma is hit by ransomware attack, Qbot needs 30 minutes to steal your data and much more.
News
Find out how to protect yourself from scams that simulate official government emails
Paying attention to email senders is often a common recommendation when it comes to preventing phishing attacks. But this measure may not be fully effective when scams arrive from emails that simulate official ones or, even worse, come from real addresses themselves. This is what happened last week with the gov.br domain, used by the federal government.
By Felipe Demartini on Canaltech
Hackers take down Correio da Manhã and the Portuguese group’s websites
A hacker attack took down the website of the Portuguese newspaper Correio da Manhã, as well as the websites of all the information organizations of the Confina group, owner of the newspaper, such as Sábado magazine, Jornal de Negócios and CMTV.
In CISO Advisor
Puma hit by data breach after Kronos ransomware attack
Sportswear maker Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021.
By Sergiu Gatlan in Bleeping Computer
The Specter vulnerability: 4 years after its discovery
Four years have passed since the first publication of research on Specter and Meltdown, hardware vulnerabilities in modern processors. Since then, researchers have discovered several similar flaws, which can potentially be used to leak sensitive data.
By Enoch Root on Kaspersky Daily
Android malware detections increased 428% last year, report shows
The new edition of the ESET Threat Report also highlights attacks targeting the Log4j library, which became the fifth most common external intrusion vector in 2021.
By Roman Kovac in We Live Security
Qbot needs just 30 minutes to steal your credentials and emails
The widespread malware known as Qbot (also known as Qakbot or QuakBot) has recently returned to lightning-fast attacks and, according to analysts, only takes about 30 minutes to steal sensitive data after the initial infection.
By Bill Toulas in Bleeping Computer
Cyberattack on Caixa involves 3,700 credit cards and R$137 million in losses
This Tuesday (8), the Federal Police arrested, as part of Operation Attacker, a suspect involved in invasions of the Caixa Econômica Federal internal network. The scam has been under investigation since last semester, after the embezzlement of money from the institution's account holders and improper registration of cards, generating a loss of around R$137 million.
By Dácio Castelo Branco on Canaltech
Hacker group Gamaredon launches mass attack against Ukraine
Hackers from the Gamaredon group, which the Security Service of Ukraine (SSU) says is led by five officers from the Russian Federal Security Service (FSB), used the job search service to attack a Ukrainian government body. The discovery was made by researchers from Palo Alto Networks Unit 42 who, while monitoring this activity, observed an attempt to target a Ukrainian government entity. The attack was carried out on January 19th.
In CISO Advisor
Podcast
Ransomware is the most dangerous digital threat to organizations
- More than 20 minutes of content
- Free
Are you not yet subscribed to our newsletter to receive this content weekly by email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
