In edition no. 76 of Internet Security Week , record fine for data leaks by Amazon, new phishing technique, internet security summary for the first half of 2021 and much more.
News
Only 40% of companies recognize that they are prepared for the LGPD
The application of fines under the General Personal Data Protection Law (LGPD) came into force on Sunday (1st), but many companies are not yet prepared to act in accordance with the new standard. A survey by Fundação Dom Cabral (FDC) indicates that almost 40% of the 207 organizations interviewed recognize that they are not fully compliant with the legislation.
By Roseli Andrion on FreeGameGuide
68% of malware reaches organizations via cloud applications
According to the new biannual report from Netskope, a provider of cybersecurity services, 68% of malware reaches organizations via cloud applications. The growth of this form of dissemination occurs in a scenario of continuous proliferation of cloud applications in companies, with adoption increasing 22% during the first six months of 2021.
In iPnews
We have a record holder! Amazon is penalized US$884 million by GDPR
Amazon has just broken another record — this time, however, the online retail giant has no reason to celebrate. It has just become the company to receive the largest fine under the General Data Protection Regulation, better known as the General Data Protection Regulation (GDPR), the European legislation for the protection of personal data. The company is being forced to pay, in euros, the equivalent of US$884 million (around R$4.5 billion at the current currency exchange rate).
By Ramon de Souza The Hack
New redirection technique to avoid blocking phishing links
To steal corporate email credentials from company employees, attackers must first bypass anti-phishing solutions on company email servers. As a rule, they use legitimate (increasingly specific) web services such as Google Apps Script, a platform based on JavaScript. Scammers are using redirects through Google Apps Script to prevent email servers from blocking phishing links.
By Roman Dedenok on Kaspersky Blog
LemonDuck malware now removes security controls
In recent months, the LemonDuck malware, known primarily for its cryptocurrency mining activities, has adopted more sophisticated behavior and intensified its operations. In addition to its traditional botnet and mining activities, the malware now comes with a variety of functionalities that allow it to steal credentials and remove security controls.
In CISO Advisor
Hacker group is recruiting insiders to breach corporate networks
The LockBit 2.0 ransomware gang is actively recruiting insiders to help them breach and encrypt networks. In return, the insider is promised millions of dollars in payments.
By Lawrence Abrams in Bleeping Computer
Internet security: summary of the first half of 2021
Numbers, statistics and news related to leaked data on the internet give us the dimension of the challenge of dealing with internet security. The first half of 2021 revealed alarming data and, compared to previous years, reached records in both attacks and financial losses for companies that were victims of these crimes.
By Kelvin Zimmer on Lumiun Blog
New scam with bank slips on social networks LinkedIn and Twitter
Axur identified the return of a scam that was very common a few years ago – with slips, but now in a new way, using simple but very ingenious techniques. The new scam, called by the company a “renegotiation scam”, is carried out with the victims' CPF data, due to the mega leaks at the beginning of the year.
In iPnews
Brazilian companies are the ones that suffer most from ransomware in Latin America
Brazil was the target of almost half of the digital kidnapping attacks (ransomware) carried out against companies in Latin America, becoming one of the biggest targets of criminal acts of this type in the territory. Between January and March 2021, there were more than 3.2 billion attempts against national companies, part of a total of seven billion scams of this type registered across the bloc.
By Felipe Demartini on Canaltech
New cyber attacks distort reality and manipulate time
During Black Hat USA 2021, VMware released the seventh edition of its Global Incident Response Threat Report study, which shows how threat actors are manipulating reality to reshape the cybersecurity landscape.
In CISO Advisor
Events
Demystifying the General Data Protection Law - FADISP
- August 9, 16 and 23, 2021, from 6pm to 8pm
- Online event via Zoom
- Free
Are you not yet subscribed to our newsletter to receive this content weekly by email? Then sign up using the link below:
https://conteudo.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
