In edition No. 76 of Internet Security Week , record data leakage by Amazon, new phishing technique, internet security summary of the first half of 2021 and more.
News
Only 40% of companies recognize being prepared for LGPD
The application of fines by the General Personal Data Protection Law (LGPD) has entered into force on Sunday (1st), but many companies are not yet prepared to work in accordance with the new standard. A survey by the Dom Cabral Foundation (FDC) indicates that almost 40% of the 207 organizations interviewed recognize that they are not fully appropriate to the legislation.
By Roseli Andrion in Canaltech
68% of malware reach organizations by cloud applications
According to the new semiannual report of NetSkope, a provider of cybersecurity services, 68% of malware arrives at organizations for cloud applications. Growth of this form of dissemination happens in a continuous proliferation scenario of cloud applications in companies, with adoption increasing 22% during the first six months of 2021.
In IPNews
We have a record holder! Amazon is penalized at $ 884 million by GDPR
Amazon has just hit another record - this time, however, the online retail giant has no reason to celebrate. It has just become the company to receive the largest fine for the general data protection regulation, better known as General Data Protection Regular (GDPR), European Personal Data Protection Legislation. The company is being forced to pay in euros the equivalent of US $ 884 million (about $ 4.5 billion in the current currency quotation).
By Ramon de Souza the Hack
New redirect technique to avoid blocking phishing links
To steal corporate email credentials from company employees, invaders must first go through antiphishing solutions on the company's email servers. As a rule, they use legitimate (increasingly specific) web services such as Google Apps Script, JavaScript -based platform. Scammers are using redirections through Google Apps Script to prevent email servers from blocking phishing links.
By Roman Dedenok in Kaspersky Blog
Malware Lemonduck now removes safety controls
In recent months, Malware Lemonduck, known mainly for its cryptocurrency mining activities, has adopted more sophisticated behavior and intensified its operations. In addition to its traditional Botnet and mining activities, malware now comes with a variety of features that allow to steal credentials, remove security controls.
In Ciso Advisor
Hacker group is recruiting insiders to violate corporate networks
The Lockbit 2.0 ransomware gang is actively recruiting internal employees to help them violate and encrypt networks. In return, the insider receives promises of payments of millions of dollars.
By Lawrence Abrams in Bleeping Computer
Internet Security: Summary of the first half of 2021
Numbers, statistics and news related to data leaked on the internet give us the size of the challenge that is to deal safely on the internet. The first semester of 2021 revealed alarming data and, compared to previous years, reached records in both attacks and financial loss by companies victims of these crimes.
By Kelvin Zimmer in Lumiun Blog
New blow with bank slips on social networks LinkedIn and Twitter
Axur identified the return of a blow that was very common a few years ago - with slips, but now in a new form, using simple but very ingenious techniques. The new blow, called by the company for “renegotiation blow”, is performed with CPF data from the victims, due to the mega leaks of the beginning of the year.
In IPNews
Brazilian companies are the ones that suffer the most with ransomware in Latin America
Brazil was the target of nearly half of the ransomware sequential attacks against Latin American companies, becoming one of the largest targets of such criminal acts in the territory. Between January and March 2021, there were more than 3.2 billion attempts against national companies, part of a total of seven billion of such scams recorded throughout the block.
By Felipe Demartini in Canaltech
New cyber attacks distort reality and manipulate time
VMware has launched during Black Hat uses 2021 the seventh edition of its global Incident Response Threat Report study, which shows how threat actors are manipulating reality to remodel the scenario of cybersecurity.
In Ciso Advisor
Events
Demystifying the General Data Protection Law- FADISP
- August 09, 16 and 23, 2021, from 18h to 20h
- Online Event via Zoom
- Free
Are you not yet registered on our newsletter to receive this content weekly in the email? Then subscribe through the link below:
https://conteudo.lumiun.com/semana-da-eguranca-na-internet
Share the link with your colleagues and friends.
