In edition no. 131 of Internet Security Week , Pop-up about DDoS protection is false, hackers hit more than 130 organizations in one attack, organization was attacked by 3 ransomwares in a row and much more.
News
Meta is ordered to pay R$6.6 million for leaking Brazilian data
Meta, Facebook's controller, was ordered to pay a fine of R$6.6 million due to a data leak from Brazilian users of the platform. The decision was taken by the National Consumer Secretariat (Senacon), a body linked to the Ministry of Justice and Public Security. However, if the company does not appeal the conviction, it may have a reduction of up to 25% in the amount of the fine.
By Kaique Lima on Canaltech
The dilemma between data security and app permissions
Starting July 20, all developers publishing Android apps to the Google Play Store must detail what data they collect and how they use it. However, this undeniably positive innovation has been overshadowed by the forces of “optimization”: now, before you install an app, you have no way of knowing what data it is accessing.
By Enoch Root on Kaspersky Daily
Pixel: Meta tool is involved in cases of sensitive data exposure
Due to an error, Meta's Pixel tool, used to monitor Facebook ad performance, allowed the collection of sensitive data on more than 1.3 million users.
By Juan Manuel Harán in We Live Security
Fake DDoS protection pop-up spreads trojan
Researchers at cybersecurity company Sucuri have discovered a new threat campaign designed to trick users into downloading malware capable of “hijacking” their machine. The attacks begin with malicious JavaScript injection to attack sites like WordPress, using a fake Cloudflare DDoS protection pop-up.
In CISO Advisor
Hackers target more than 130 organizations in massive phishing attack
Hackers responsible for a series of recent cyberattacks, including those on Twilio, MailChimp and Klaviyo, have compromised more than 130 organizations in the same phishing campaign.
By Bill Toulas in Bleeping Computer
Rio city hall systems complete 1 week offline after cyber attack (22nd, Monday)
Rio de Janeiro City Hall's online services have been offline for a week, due to a cyber attack on the municipal administration system. According to the city hall, teams from the Municipal IT Company (IplanRio) are working in a crisis office to minimize the impacts of the invasion and normalize operations as quickly as possible.
By Kaique Lima on Canaltech
The Andariel group attacks companies with various malicious tools
Our experts investigated the activity of Andariel, a supposed subgroup part of the Lazarus APT Group. Cybercriminals use the DTrack malware and Maui ransomware to attack companies around the world. As is typical of Lazarus, the group attacks for financial gain – this time through ransom demands.
By Hugh Aver on Kaspersky Daily
“Cybersecurity in times of global threats” was the theme at Black Hat USA 2022
After the first day of the Black Hat USA 2022 security conference, someone asked me the following question: “what are your takeaways from day one?” Experts spoke about the conflict in Ukraine and the role of cybersecurity during the Black Hat USA 2022 security conference.
By Tony Anscombe in We Live Security
Organization was attacked by three ransomwares in a row
A report signed by researcher Matt Wixey, from Sophos, reports that the incidence of organizations being attacked multiple times by ransomware is rising. One of them was attacked three times: by Hive, LockBit and BlackCat.
In CISO Advisor
eBook
Manual for safe use of the internet for professionals and companies
- In the material we cover the main ways of using the internet and how to protect yourself in each case. We also show what types of connections exist and how to identify threats on the network
- Available for download
- Free
Are you not yet subscribed to our newsletter to receive this content weekly by email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.