In edition no. 81 of Internet Security Week , Brazilian banking trojan, millions of Microsoft servers are at risk, INEP leaks data and much more.
News
Hackers leak passwords for 500,000 Fortinet VPN accounts
A hacker has leaked a list of nearly 500,000 Fortinet VPN login names and passwords that were allegedly copied from exploitable devices last summer. Although the hacker claims that the exploited Fortinet vulnerability has now been patched, they claim that many VPN credentials are still valid.
By Lawrence Abrams in Bleeping Computer
New Brazilian banking trojan allows full control of the smartphone
Experts have discovered yet another family of mobile banking trojans: TwMobo. Furthermore, they confirmed three important trends: growing interest among cybercriminals in cell phone fraud, internationalization of Brazilian mobile threats to Latin America, Europe and the USA, and the preference for RATs (Remote Access Trojan) – malware that allows you to circumvent security mechanisms. double authentication — using fingerprint, facial recognition or digital tokens on the cell phone.
In Kaspersky Daily
Lack of update puts millions of servers with Microsoft system at risk
Highlighting once again the danger of outdated infrastructures without proper support from their administrators, new research into digital security has located more than two million vulnerable servers.
By Felipe Demartini on Canaltech
Inep leaks data from more than 5 million Brazilians and foreigners
The Hack discovered, exclusively, that more than 5 million Brazilian students had their data unduly exposed on the web due to a series of configuration flaws in the systems of the National Institute of Educational Studies and Research Anísio Teixeira (Inep), a federal agency linked to the Ministry of Education (MEC).
By Ramon de Souza in The Hack
Ransomware exposes data if victim calls the police
The Ragnar Locker ransomware group, known for a series of attacks on large companies such as ADATA and Capcom, has found a new way to influence victims. The group is now threatening to release stolen data from victims if they seek help from authorities.
In CISO Advisor
4 resources to increase your company's data security
As the connectivity of companies, people and devices increases, the vulnerability of systems and users to hackers, viruses and many other threats also increases. To reduce the risks of virtual attacks, learn about 4 resources to increase the security of data traveling on your company's network and computers, increasing protection and productivity when using the Internet.
By Heini Thomas Geib on Lumiun Blog
Biggest DDoS in the history of the Internet in Russia
A report in Russian media says the attack is the biggest in the short history of the Russian internet. The attack was confirmed by a US-based company.
By Ionut Ilascu in Bleeping Computer
Education suffers 380 attacks per week in Brazil
The education sector, combined with the research sector, was the most targeted in July 2021, according to Check Point's monitoring of its clients: there was an average of 1,739 weekly attacks on each organization. In Brazil, during the month of July, the number of weekly attacks per organization increased by 19%, totaling an average of 377 attacks; It is the 17th country most targeted by this trend of attack on the education sector.
In CISO Advisor
New cybercriminal campaign by the TeamTNT group has already infected more than 5 thousand victims
The TeamTNT group is expanding its cybercriminal operations with the adoption of new tools, which increase the group's threat level beyond the start of a new campaign called “Chimaera”, recently identified (but which began in July 2021) and is already “ responsible for thousands [more than 5 thousand] of victims around the world”.
By Guilherme Petry in The Hack
Income Tax declaration software had serious security breach
A loophole in the Personal Income Tax declaration software (IRPF 2021) may have exposed users to risks, especially when using shared or insecure networks.
By Felipe Demartini on Canaltech
Events
Webinar | The Main Steps to Implement LGPD in Companies
- September 16, 2021, 7pm – 9pm
- Online event via YouTube
- Free
Are you not yet subscribed to our newsletter to receive this content weekly by email? Then sign up using the link below:
https://conteudo.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.