Internet Security Week - Edition Nº 80

In edition no. 80 of Internet Security Week , a former employee deletes 20,000 company files, cyberattacks are on the rise in Brazil, data from 21,000 Claro and NET employees are exposed and much more.

News

Former employee deletes 20,000 company files and faces 10 years in prison

Juliana Barile, a former employee of a credit union in New York, pleaded guilty to accessing company computers without authorization and destroying more than 21 GB of data in revenge for being fired.

By Dácio Castelo Branco on Canaltech

Nearly 40% of code produced by GitHub Copilot may be vulnerable

Around 40% of the code produced with the help of GitHub Copilot may be vulnerable to cyber attacks, researchers identified in a study published last week. According to the researchers, the justification is that GitHub Copilot's artificial intelligence was fed with vulnerable code, extracted from open source applications stored on GitHub.

By Guilherme Petry in The Hack

Failures in third-party systems affect 80% of SMEs

Vulnerability in the systems of outsourced service providers is being used by cybercriminals to attack small and medium-sized companies (SMEs). A study by the cybersecurity company Acronis reveals that four out of five (80%) small and medium-sized companies are victims of security flaws in these systems, with the use of ransomware being the main threat detected by the research.

In CISO Advisor

Cyberattacks grow 23% in Brazil in 2021

Kaspersky's 2021 Threat Panorama – an annual survey carried out by the company's Research and Analysis team in Latin America – shows a 23% increase in cyberattacks in Brazil in the first eight months of 2021, compared to the same period of the previous year.

In Kaspersky Daily

Be careful: complying with the LGPD does not mean absolute protection

You can't be too careful when it comes to your reputation and finances. Although this warning and guidance is useful for many situations, it is accurate when it comes to adapting to the LGPD. Eventually, the verbs adapt and protect do not always go together when it comes to the General Personal Data Protection Law (LGPD).

By Kelvin Zimmer on Lumiun Blog

FBI warns about increase in ransomware attacks on holidays and weekends

FBI and CISA said they “have observed an increase in high-impact ransomware attacks occurring on holidays and weekends – when offices are typically closed.

By Sergiu Gatlan in Bleeping Computer

Research reveals that 80% of global organizations will likely face an attack in the next year

According to the biannual Cyber Risk Index (CRI) report, carried out in partnership with the Ponemon Institute, 80% of global organizations are at risk of suffering a data breach in the next 12 months, with a high probability of affecting your customers' information.

In CryptoID

Deepfake: is your organization prepared to respond to this risk?

Deepfake is the use of Artificial Intelligence to emulate a person's voice and/or facial expressions based on videos, audios or photos available online. In other words, from audio and image data, the software is capable of producing images and sounds that resemble humans.

In Olhar Digital

Do you know what proxyware is? Method is successful in cybercrime

Proxywares are legitimate applications that share a user's network with other applications that need a specific amount of network, such as antiviruses, firewalls and cryptocurrency miners.

By Guilherme Petry in The Hack

Server failure exposed data from 21,000 Claro and NET employees

A serious data exposure may have affected around 21 thousand Claro and NET employees, including technicians and outsourced workers. The records were available on a poorly configured server, belonging to the company's maintenance department, with folders containing copies of identification documents and even contracts signed by the providers — the entire volume was publicly available and could be accessed by anyone.

By Felipe Demartini on Canaltech