In edition #103 of Internet Security Week , we cover scams simulating official government emails, Puma being hit by a ransomware attack, Qbot needing only 30 minutes to steal your data, and much more.
News
Learn how to protect yourself from scams that impersonate official government emails.
Paying attention to email senders is a common recommendation when it comes to preventing phishing attacks. But this measure may not be fully effective when scams originate from emails that mimic official ones or, even worse, come from the real addresses themselves. This is what happened last week with the gov.br domain, used by the federal government.
By Felipe Demartini on Canaltech
Hackers take down Correio da Manhã and websites belonging to the Portuguese group.
A hacker attack took down the website of the Portuguese newspaper Correio da Manhã, as well as the websites of all the news outlets belonging to the Confina group, which owns the newspaper, such as the magazine Sábado, the Jornal de Negócios newspaper, and CMTV.
In CISO Advisor
Puma affected by data breach following Kronos ransomware attack.
Sportswear manufacturer Puma was hit by a data breach following a ransomware attack that struck Kronos, one of its US workforce management service providers, in December 2021.
By Sergiu Gatlan at Bleeping Computer
The Spectre vulnerability: 4 years after its discovery.
Four years have passed since the first publication of research on Spectre and Meltdown, hardware vulnerabilities in modern processors. Since then, researchers have discovered several similar flaws that could potentially be used to leak confidential data.
By Enoch Root on Kaspersky Daily
Android malware detections increased by 428% in the last year, a report indicates.
The new edition of the ESET Threat Report also highlights attacks targeting the Log4j library, which became the fifth most common external intrusion vector in 2021.
By Roman Kovac on We Live Security
Qbot only needs 30 minutes to steal your credentials and emails.
The widespread malware known as Qbot (also known as Qakbot or QuakBot) has recently returned to lightning-fast attacks and, according to analysts, takes only about 30 minutes to steal sensitive data after the initial infection.
By Bill Toulas on Bleeping Computer
Cyberattack on Caixa involves 3,700 credit cards and R$ 137 million in losses.
On Tuesday (8), the Federal Police arrested, as part of Operation Atacante, a suspect involved in hacking into the internal network of Caixa Econômica Federal. The scam has been under investigation since the last semester, after the diversion of money from the institution's account holders and improper registration of cards, generating a loss of around R$ 137 million.
By Dácio Castelo Branco on Canaltech
Hacker group Gamaredon launches mass attack against Ukraine.
Hackers from the Gamaredon group, which the Security Service of Ukraine (SSU) claims is led by five officers from the Russian Federal Security Service (FSB), used a job search service to attack a Ukrainian government agency. The discovery was made by researchers from Palo Alto Networks' Unit 42, who, while monitoring this activity, observed an attempt to target a Ukrainian government entity. The attack took place on January 19th.
In CISO Advisor
Podcast
Ransomware is the most dangerous digital threat to organizations.
- Over 20 minutes of content
- Free
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
