New things on the blog!
Updates and improvements are necessary in all work, therefore, our Newsletter is now called Internet Security Week .
In issue 40, we cover 350,000 Spotify accounts hijacked, an attack that can steal a car in 90 seconds, penalties for cybercrime cases, and much more.
News
Baidu leaks data from millions of Android app users.
Baidu Maps and Baidu App exposed phone information and unique device numbers; the apps had already been banned from the Play Store.
By Leticia Riente in Olhar Digital
Brazil's Superior Electoral Court (TSE) admits that a DDoS attack took down the e-Título app during the elections.
The Superior Electoral Court (TSE) acknowledged that the DDoS attack it suffered during the first round of municipal elections, on Sunday (15), “may have caused instability in the e-Título application and in the electronic judicial process system (PJe)”.
By Guilherme M. Petry in The Hack
Approximately 350,000 Spotify accounts were hijacked through credential stuffing attacks.
Researchers discovered an exposed database containing 380 million records, including passwords used to hijack nearly 350,000 accounts.
By Amer Owaida on We Live Security
Attack could steal a Tesla Model X in 90 seconds.
The company is releasing a patch for the vulnerabilities, which allowed a researcher to break into a car in 90 seconds and drive away.
By Andy Greenber in Wired
New Egregor ransomware operates with double extortion attacks.
Security experts say that double extortion attacks are a trend among ransomware operators.
In Ciso Advisor
Senate toughens penalties for cybercrime cases.
The Senate approved last Wednesday (25) bill (PL) 4554 / 2020, authored by Izalci Lucas (PSDB-DF). The text determines an increase in penalties for those who commit electronic fraud.
By Rui Maciel in Canaltech
Bug allows bypassing two-factor authentication in cPanel.
Software for managing web servers has already been installed on more than 70 million domains; the flaw is serious, but it has already been fixed.
By Rafael Rigues in Olhar Digital
Smart doorbells send unencrypted data to China and can be easily hacked.
The British consumer rights group, Witch?, has found vulnerabilities of all security levels in 11 different smart doorbells (IoT). The vulnerabilities were found in partnership with security researchers from the NCC Group.
By Guilherme M. Petry in The Hack
SAD DNS – Vulnerability analysis that allows DNS poisoning attacks.
Researchers have discovered a way to allow DNS poisoning attacks to return. In this post, we analyze how this vulnerability works and provide some tips on how to mitigate it.
By Alan Warburton in We Live Security
Hackers, possibly Chinese, are spying on the Vatican again.
The attacks are carried out by the Mustang Panda group and target organizations involved in relations between the Vatican and the Chinese Communist Party.
In Ciso Advisor
Brazil is one of the most targeted countries for large-scale hacker attacks; understand why.
In the 2019 survey by the ITU (International Telecommunication Union), the country is ranked 70th. In the Americas, it is in sixth place, behind Paraguay.
By Felipe Oliveira on Tilt Uol
How to prevent a cyber attack: for small businesses
Here are many reasons to be concerned about the dangers of the internet, especially in a business environment, and even worse if it's a small or medium-sized business.
By Kelvin Zimmer on Lumiun Blog
CyberTeam: the group that hacked the TSE (Superior Electoral Court) has already attacked 61 other Brazilian websites.
The authorship of the attacks carried out against the Superior Electoral Court (TSE), which culminated in the disclosure of various personal data of the agency's employees on the very day of the 2020 municipal elections, has been confirmed.
By Ramon De Souza on Canaltech
Material
Event
Information Security: Development and Implementation in the Business Environment
- December 2, 2020, 6:30 PM – 8:30 PM
- Online event via YouTube
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://conteudo.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
