In edition #96 of Internet Security Week, the Brazilian postal service (Correios) suffers a cyberattack, live stream about information security, discovery of 2 Windows vulnerabilities, Outlook attracts hackers, advantages of blocking websites in the company, and much more.
News
Lapsus$ group attacks, but postal service restores services.
From the moment of the attack, all services on 26 IP addresses belonging to the Brazilian postal service were disrupted. Experts consulted by CISO Advisor indicated that the company had also suspended services for maintenance.
In CISO Advisor
Two more Windows vulnerabilities discovered that allow attackers to take control.
Microsoft has issued an alert to its customers warning that the combination of two privilege escalation flaws in Windows could be used by attackers to take control of domains. The company emphasizes that both vulnerabilities have already been patched in the latest system security updates.
By Dácio Castelo Branco on Canaltech
A Microsoft Teams bug that allows phishing has remained unpatched since March.
Microsoft has said it will not fix or is delaying patches for several security flaws affecting the Microsoft Team Link Preview feature, which have been reported since March 2021.
By Sergiu Gatlan on Bleepingcomputer
Black Friday 2021 didn't sell, but cyberattacks skyrocketed.
Black Friday and Cyber Monday 2021, two of the most anticipated dates of the year for e-commerce, were marked by decreased sales and a drastic increase in the number of cyberattacks, scams, and frauds.
By Guilherme Petry in The Hack
Outlook web version attracts hackers.
A malicious module of Internet Information Services (IIS) is transforming the web version of Outlook into a tool for stealing credentials and a remote access panel. Unknown actors have used the module, which our researchers call OWOWA, in targeted attacks.
In Kaspersky Daily
Aviation will be targeted by ransomware in 2022, predicts Avast.
Avast's cybersecurity experts predict that in 2022 cybercriminals will make advancements in ensuring the effectiveness of ransomware, fraud, continuation scams, and cryptocurrency mining malware.
In CISO Advisor
How to block websites: discover the benefits of managing internet access
More than just a necessity, discovering how to block websites in the best and most efficient ways is a requirement for any company. After all, it directly impacts productivity.
By Kelvin Zimmer on Lumiun Blog
PYSA ransomware is behind most double extortion attacks in November.
Security analysts at NCC Group report that ransomware attacks in November 2021 increased last month, with double extortion continuing to be a powerful tool in the threat actors' arsenal.
By Bill Toulas on Bleepingcomputer
Grindr fined €6.5 million for selling data without consent.
The sale of user data to advertisers without explicit consent cost Grindr €6.5 million (R$41.7 million). The fine came from the Norwegian Data Protection Authority (DPA) and the reason is the serious violation of the General Data Protection Regulation (GDPR).
By Roseli Andrion on Canaltech
Live
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
