Internet Security Week - Edition Nº 81

In edition no. 81 of Internet Security Week , Brazilian banking trojan, millions of Microsoft servers are at risk, INEP leaks data and much more.

News

Hackers leak passwords for 500,000 Fortinet VPN accounts

A hacker has leaked a list of nearly 500,000 Fortinet VPN login names and passwords that were allegedly copied from exploitable devices last summer. Although the hacker claims that the exploited Fortinet vulnerability has now been patched, they claim that many VPN credentials are still valid.

By Lawrence Abrams in Bleeping Computer

New Brazilian banking trojan allows full control of the smartphone

Experts have discovered yet another family of mobile banking trojans: TwMobo. Furthermore, they confirmed three important trends: growing interest among cybercriminals in cell phone fraud, internationalization of Brazilian mobile threats to Latin America, Europe and the USA, and the preference for RATs (Remote Access Trojan) – malware that allows you to circumvent security mechanisms. double authentication — using fingerprint, facial recognition or digital tokens on the cell phone.

In Kaspersky Daily

Lack of update puts millions of servers with Microsoft system at risk

Highlighting once again the danger of outdated infrastructures without proper support from their administrators, new research into digital security has located more than two million vulnerable servers.

By Felipe Demartini on Canaltech

Inep leaks data from more than 5 million Brazilians and foreigners

The Hack discovered, exclusively, that more than 5 million Brazilian students had their data unduly exposed on the web due to a series of configuration flaws in the systems of the National Institute of Educational Studies and Research Anísio Teixeira (Inep), a federal agency linked to the Ministry of Education (MEC).

By Ramon de Souza in The Hack

Ransomware exposes data if victim calls the police

The Ragnar Locker ransomware group, known for a series of attacks on large companies such as ADATA and Capcom, has found a new way to influence victims. The group is now threatening to release stolen data from victims if they seek help from authorities.

In CISO Advisor

4 resources to increase your company's data security

As the connectivity of companies, people and devices increases, the vulnerability of systems and users to hackers, viruses and many other threats also increases. To reduce the risks of virtual attacks, learn about 4 resources to increase the security of data traveling on your company's network and computers, increasing protection and productivity when using the Internet.

By Heini Thomas Geib on Lumiun Blog

Biggest DDoS in the history of the Internet in Russia

A report in Russian media says the attack is the biggest in the short history of the Russian internet. The attack was confirmed by a US-based company.

By Ionut Ilascu in Bleeping Computer

Education suffers 380 attacks per week in Brazil

The education sector, combined with the research sector, was the most targeted in July 2021, according to Check Point's monitoring of its clients: there was an average of 1,739 weekly attacks on each organization. In Brazil, during the month of July, the number of weekly attacks per organization increased by 19%, totaling an average of 377 attacks; It is the 17th country most targeted by this trend of attack on the education sector.

In CISO Advisor

New cybercriminal campaign by the TeamTNT group has already infected more than 5 thousand victims

The TeamTNT group is expanding its cybercriminal operations with the adoption of new tools, which increase the group's threat level beyond the start of a new campaign called “Chimaera”, recently identified (but which began in July 2021) and is already “ responsible for thousands [more than 5 thousand] of victims around the world”.

By Guilherme Petry in The Hack

Income Tax declaration software had serious security breach

A loophole in the Personal Income Tax declaration software (IRPF 2021) may have exposed users to risks, especially when using shared or insecure networks.

By Felipe Demartini on Canaltech