Internet Security Week - Edition No. 113

In Edition No. 113 of Internet Security Week , RJ Finance Secretariat is a victim of ransomware, efficient and affordable solution against data leakage for companies, 6 YouTube channels on malware analysis and more.

News

Ransomware announces RJ Finance Secretariat as a victim

The group that operates Ransomware Lockbit announced the Rio de Janeiro State Finance Department as one of its victims. On its leakage website, the group reported that it took over a total of 420GB of data from the secretariat. The group's post adds that on April 25, 2022 at 8:00 am (supposedly GMT) the data will begin to be published. The group does not inform the content of 2,338,476 files supposedly in their power.

In Ciso Advisor

McDonald's gives details on customer data leakage in Brazil

The Brazilian McDonald's operation was the victim of a cybercriminal attack, which resulted in the exposure of personal data of some of its customers. The warning appears in an email that is being sent to hit consumers, at least since the 17th, informing about the incident and the possibility of pocket scams by email or instant messages.

By Felipe Demartini in Canaltech

Anti-ransomware strategies

Ransomware attacks no longer occupy headlines - reports of new victims appear daily. Therefore, it is more important than companies to have a well -designed multilevel strategy to protect themselves against this threat.

By Hugh aver in Kaspersky Daily

High impact failures are discovered in Lenovo Notebook UEFI

ESET researchers discovered and analyzed three vulnerabilities that affect various Lenovo notebook models. The first two vulnerabilities-CVE-2021-3971, CVE-2021-3972-affect UEFI firmware drivers that were created at first to be used only during the process of manufacturing Lenovo consumer notebooks. Unfortunately, these machines were also mistakenly included in the production of ISO image to bios without being properly disabled.

By Martin Smolar in We Live Security

The most efficient and affordable solution against data leaks in companies

Data leakage is a serious and current security incident that can be easily prevented. When companies take action and correct attitudes, this type of security incident has a solution, yes.

By Kelvin Zimmer in Lumiun Blog

Cybercrime opens marketplace of industrial secrets

There is a new clandestine market created by Cybercrime, exclusively for the sale of data and documents from companies whose networks and servers have been invaded: it is called Industrial Spy and is in Deep Web with address “.onon”. Marketplace has a amount of material that even allows it to offer some free data to its members.

In Ciso Advisor

Emotet virus gains new capabilities and expands the dissemination rate by 10 times

Emotet malware remains committed to maintaining its leadership in the world's most widespread threat ranking, increasing its rate of dissemination in March more than 10 times. During the period, there were more than 30,000 phishing emails fired with the virus, compared to just under 3,000 recorded in February 2022.

By Felipe Demartini in Canaltech

FakeCalls: Get to know the Trojan that mimics telephone calls

Cybercriminals are always creating increasingly sophisticated malware. Last year, for example, an unusual bank trojan called FakeCalls. In addition to the usual spy features, it has an interesting ability to "talk" with the victim disguised as a bank employee.

By Igor Golovin in Kaspersky Daily

Channels

The reverse engineering process is a complex task that can be difficult to learn. The amount of software and tools available makes the process even harder. For this reason, we have decided to separate this seven Youtube channel list created by ESET, which provide very interesting and useful materials and content on how to apply reverse engineering to perform malware analysis.