In edition no. 115 of Internet Security Week , email intrusions costing billions, new malware used by hacker groups, new phishing technique, leaked credentials could be from Netflix and much more.
News
Email hacks generated losses of more than US$43 billion worldwide
The compromise of corporate emails generated losses of more than US$43 billion to companies around the world from 2016 to the end of 2021. The numbers appear in a new report published by the FBI, which also points to a 65% increase in attacks of this type between July 2019 and December last year, indicating that this, more than ever, is an interesting way to attack criminals.
By Felipe Demartini on Canaltech
New malware is used by threat groups
Security researchers are warning about a new malware loader already in use that appears to have supplanted the prolific BazarLoader. Dubbed “Bumblebee,” the malware is being used by several threat groups that previously deployed BazarLoader and IceID, according to Proofpoint.
In CISO Advisor
New Phishing Technique: Browser-in-Browser Attack (BitB)
In their relentless pursuit of people's credentials, secret keys, and other valuable information, cybercriminals are continually inventing new ways to trick users.
By Leonid Grustniy in Kaspersky Daily
Secure password generators: a useful and easily accessible tool
We have always highlighted that having the habit of creating secure and unique passwords for each online service is a very important factor, but we cannot deny that it is difficult to always be creative when creating a secure password: 20 different characters, with upper and lower case letters, numbers and symbols, and at the same time different from anything previously created. This is why online password generators are an excellent option, as they allow you to generate random and secure passwords in seconds, with just a few clicks.
By Juan Manuel Harán in We Live Security
Apple, Google and Microsoft will implement passwordless login
Apple, Google and Microsoft have officially committed to building support for passwordless login across all of their mobile, desktop and browser platforms as early as next year. This means Android and iOS OSes; Chrome, Edge and Safari browsers; Windows and macOS will feature means of user authentication that do not require a password.
By Marina Schnoor in Olhar Digital
Phishing scam almost loses US$23.4 million to the US government
The US government announced this Monday (2) the conviction of a man accused of trying to defraud the country's Department of Defense of US$23.4 million. He was the operator of a credential theft and phishing scheme that, in September 2018, allowed him to impersonate an Asian aviation fuel supplier, causing payments for a supply contract to be transferred to personal accounts.
By Felipe Demartini on Canaltech
Cyber attacks hit hospitals in Portugal
Two hospitals in the country were attacked this week; The incidents led to the interruption of services and assistance.
By Francisco Camurça in We Live Security
Leaked credentials could be from Netflix customers
A table containing credentials purportedly from 4,504 Netflix customers was published on leak site Ghostbin, as revealed this morning to CISO Advisor by a security researcher. The post was made by a threat actor apparently associated with a hacking operation called Hacking Village. Users who located the table informed the researcher that there were working credentials.
In CISO Advisor
Podcast
Internet Security Series: is there software for everything?
- Produced by CBN Maringá
- Platform: Spotify
- 20 minutes
- Free
Are you not yet subscribed to our newsletter to receive this content weekly by email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.