In edition no. 54 of Internet Security Week , intern guilty of password leak, hacked social network, 7 lessons from 2020 on email security and much more.
News
Former SolarWinds CEO blames intern for 'solarwinds123' password leak
The password in question, “solarwinds123,” was discovered in 2019 on the public internet by an independent security researcher who warned the company that the leak had exposed a SolarWinds file server.
By Brian Fung and Geneva Sands on CNN
Pretend to be surprised: Brazil is the country that suffers the most phishing attempts
Kaspersky's most recent survey serves to confirm what we all already suspected: the Russian company has made it official that Brazil is the country that suffers most from phishing attacks in the entire world.
By Ramon De Souza on FreeGameGuide
New attacks target Amazon and Slack
Hackers are targeting Amazon, Zillow, Lyft and Slack NodeJS applications using a new 'Dependency Confusion' vulnerability to steal Linux password files.
By Lawrence Abrams in Bleeping Computer
Critical vulnerability is identified in PJeOffice, software from the National Justice Council
A critical vulnerability was identified in PJeOffice, software used by lawyers and judges across Brazil to digitally sign documents before sending them to the Electronic Judicial Process (PJe) platform.
By Ramon de Souza in The Hack
Serasa asks for bank password for research, and Procon wants to know the reason
The body will assess whether the requirement (and possible use) of the internet banking password violated the Consumer Protection Code and the LGPD (General Data Protection Law).
By Hygino Vasconcellos in Uol
Gab social network is hacked
GabLeaks includes 70,000 messages in more than 19,000 chats by more than 15,000 users. One of the hacked accounts belonged to former President Trump.
By Dan Goodin on ARS Technica
Microsoft says Chinese hackers are breaking into Exchange servers
Microsoft says Beijing-backed hackers are exploiting four zero-day vulnerabilities in Exchange Server to steal data from U.S. defense companies, law firms and infectious disease researchers.
By Simon Sharwood in The Register
Email Security: 7 Lessons from 2020
In 2020 we had several lessons learned, and perhaps the biggest of them was working remotely. But, in addition, the data collected by cybersecurity research companies brought us other great sources of knowledge for 2021.
By Kelvin Zimmer on Lumiun Blog
Trackers discovered in password management app
Seven trackers and eight suspicious permissions were found on LasPass, a password management app with more than 10 million downloads on the Google Play Store.
By Guilherme Petry in The Hack
Data from 10 thousand Brazilian financial customers are exposed on the internet
A serious exposure compromised personal and financial data of more than 10 thousand Brazilians, Prisma Promotora's financial services customers and partners.
By Felipe Demartini on Canaltech
Ransomware is a multi-billion dollar industry and still growing
An analysis by global cybersecurity firm Group-IB reveals that ransomware attacks more than doubled last year and have increased in scale and sophistication.
By Ionut Ilascu in Bleeping Computer
Events
Redweek 2.0 – Information Security Techs
- March 16, 2021, 9:30 am – 10:30 am
- Online event via Youtube
- Free
Are you not yet subscribed to our newsletter to receive this content weekly by email? Then sign up using the link below:
https://conteudo.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
