In edition no. 165 of Internet Security Week, malware Windows scripts, hijacking of commercial emails, Brazil is “leader” in WhatsApp attacks and much more.
News
Malware uses PDF files and Windows scripts in attacks against companies
A new file dissemination tactic is being used by cybercriminals to spread QBot malware against corporate networks. Using responses to emails whose inboxes have been compromised, criminals send supposed files in PDF format that, in reality, hide Windows scripts that are used to download and install pests that provide initial access to infected systems.
By Felipe Demartini on Canaltech
Qbot campaign uses malware to hijack business email
A new group of cybercriminal groups operating banking trojans from the Qbot family uses a combination of PDF and Windows Script File (WSF) to install the malware and steal the victim's banking credentials.
In CISO Advisor
Brazil is the country with the most WhatsAp phishing attacks in 2022
Phishing attacks are growing strongly and the total number of attacks is double the number recorded in 2021.
By Nathalia Sica in Kaspersky Daily
How a discarded router can reveal a company's secrets to cybercriminals
Second-hand routers available on the market often have not gone through a data cleaning process and are full of sensitive (and even confidential) information, highlights a survey carried out by ESET.
At We Live Security
What is a sniffer and how to protect your company and employees
Contrary to what many think, the sniffer was not created for malicious purposes. However, due to its functionality, it can also be used by cybercriminals in a very dangerous way, facilitating the exposure of all your digital activity.
By Kelvin Zimmer on Lumiun Blog
Payments company accused of helping scammers 'contact Microsoft about a virus' must shell out $650,000
Two executives and a multinational payment processing company must pay $650,000 to the U.S. government, says the FTC, which accuses them of knowingly processing credit card payments for Microsoft-themed support scammers.
By Jude Karabus in The Register
March 2023 broke ransomware attack records with 459 incidents
March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, a 91% increase from the previous month and 62% from March 2022.
By Bill Toulas in Bleeping Computer
GitHub repositories are removed to stop malware
Four GitHub repositories used by RedLine malware control panels have been suspended, halting operations of the program that steals passwords saved in internet browsers, cybersecurity firm ESET said. This is commodity malware active since at least the beginning of 2020.
In CISO Advisor
5 most common digital scams against small and medium businesses
According to research by security firm Kaspersky, digital attacks targeting small and medium-sized businesses (SMEs) in the country increased by 140% in 2022. This proves that cybercriminals do not just target large groups, and are increasingly eyeing businesses smaller ones, who usually do not have resources or do not usually invest in security.
By Claudio Yuge on FreeGameGuide
Leak exposes health data of almost 6 million Brazilians
The incident exposed employee data from 21 Brazilian companies. Among the leaked information is data on consultations, procedures and exams carried out.
By Francisco Camurça in We Live Security
Podcast
SegInfocast #87 – Security as a Service: An agile, comprehensive and affordable strategy for Security and Privacy
- In this webinar, we cover everything you need to know about the SECaaS model to increase your organization's security and privacy maturity level, building an effective Corporate Cybersecurity Program.
Are you not yet subscribed to our newsletter to receive this content weekly by email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.