In issue #115 of Internet Security Week , we discuss email hacks causing billions in losses, new malware used by hacker groups, a new phishing technique, leaked credentials that may belong to Netflix, and much more.
News
Email hacks have caused over US$43 billion in losses worldwide.
The compromise of corporate emails has caused losses of over US$43 billion to companies worldwide from 2016 to the end of 2021. These figures appear in a new report published by the FBI, which also points to a 65% increase in such attacks between July 2019 and December of last year, indicating that this is, more than ever, an attractive avenue for criminals to commit fraud.
By Felipe Demartini on Canaltech
New malware is being used by threat groups.
Security researchers are warning about a new malware loader already in use that appears to have supplanted the prolific BazarLoader. Dubbed “Bumblebee,” the malware is being used by several threat groups that previously deployed BazarLoader and IceID, according to Proofpoint.
In CISO Advisor
New phishing technique: browser-to-browser attack (BitB)
In their relentless pursuit of people's credentials, secret keys, and other valuable information, cybercriminals are continually inventing new ways to deceive users.
By Leonid Grustniy in Kaspersky Daily
Secure password generators: a useful and easy-to-access tool.
We always emphasize that developing the habit of creating strong and unique passwords for each online service is very important, but we can't deny that it's difficult to always be creative when creating a secure password: 20 different characters, with uppercase and lowercase letters, numbers and symbols, and at the same time different from all those created previously. That's why online password generators are an excellent option, as they allow you to generate random and secure passwords in seconds, with just a few clicks.
By Juan Manuel Harán in We Live Security
Apple, Google, and Microsoft will implement passwordless login.
Apple, Google, and Microsoft have officially committed to building support for passwordless login across all their mobile, desktop, and browser platforms next year. This means that Android and iOS operating systems; Chrome, Edge, and Safari browsers; and Windows and macOS will feature user authentication methods that don't require a password.
By Marina Schnoor in Olhar Digital
Phishing scam nearly costs the US government $23.4 million.
The US government announced on Monday (2) the conviction of a man accused of attempting to defraud the country's Department of Defense of US$23.4 million. He was the operator of a credential theft and phishing scheme that, in September 2018, allowed him to impersonate an Asian aviation fuel supplier, causing payment for a supply contract to be transferred to personal accounts.
By Felipe Demartini on Canaltech
Cyberattacks hit hospitals in Portugal.
Two hospitals in the country suffered attacks this week; the incidents caused the disruption of services and patient care.
By Francisco Camurça in We Live Security
Leaked credentials may belong to Netflix customers.
A table containing credentials allegedly belonging to 4,504 Netflix customers was published on the leak site Ghostbin, as revealed this morning to CISO Advisor by a security researcher. The publication was made by a threat actor apparently associated with a piracy operation called Hacking Village. Users who located the table informed the researcher that there were working credentials.
In CISO Advisor
Podcast
Internet Security Series: Is there software for everything?
- Produced by CBN Maringá
- Platform: Spotify
- 20 minutes
- Free
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
