In the 115th edition of Internet Security Week , email hacks cost billions, new malware used by hacker groups, new phishing technique, leaked credentials may be from Netflix and much more.
News
Email hacks have caused losses of more than US$43 billion worldwide.
The compromise of corporate emails has caused losses of more than US$43 billion to companies worldwide from 2016 to the end of 2021. These figures appear in a new report published by the FBI, which also highlights a 65% increase in attacks of this type between July 2019 and December of last year, indicating that this, more than ever, is an attractive avenue for criminals to exploit.
By Felipe Demartini on Canaltech
New malware used by threat groups
Security researchers are warning about a new malware loader already in use that appears to have supplanted the prolific BazarLoader. Dubbed "Bumblebee," the malware is being used by several threat groups that previously deployed BazarLoader and IceID, according to Proofpoint.
In CISO Advisor
New Phishing Technique: Browser-in-Browser Attack (BitB)
In their relentless pursuit of people's credentials, secret keys, and other valuable information, cybercriminals are continually devising new ways to deceive users.
By Leonid Grustniy in Kaspersky Daily
Secure password generators: a useful and easily accessible tool
We always emphasize that creating strong and unique passwords for each online service is crucial, but we can't deny that it's difficult to always be creative when creating a strong password: 20 different characters, with uppercase and lowercase letters, numbers, and symbols, while still being unique to any previously created password. That's why online password generators are an excellent option, as they allow you to generate random and secure passwords in seconds, with just a few clicks.
By Juan Manuel Harán in We Live Security
Apple, Google, and Microsoft will implement passwordless login
Apple, Google, and Microsoft have officially committed to supporting passwordless login across all their mobile, desktop, and browser platforms as early as next year. This means that Android and iOS operating systems; Chrome, Edge, and Safari browsers; and Windows and macOS will all have password-free user authentication methods.
By Marina Schnoor in Olhar Digital
Phishing scam nearly costs US government $23.4 million
The US government announced on Monday (2) the conviction of a man accused of attempting to defraud the country's Department of Defense of US$23.4 million. He was the operator of a credential theft and phishing scheme that, in September 2018, allowed him to impersonate an Asian supplier of aviation fuel, causing payment for a supply contract to be transferred to personal accounts.
By Felipe Demartini on Canaltech
Cyberattacks hit hospitals in Portugal
Two hospitals in the country were attacked this week; the incidents caused the interruption of services and care.
By Francisco Camurça in We Live Security
Leaked credentials may belong to Netflix customers
A table containing credentials allegedly belonging to 4,504 Netflix customers was published on the leak site Ghostbin, a security researcher revealed this morning to CISO Advisor. The publication was made by a threat actor apparently associated with a piracy operation called Hacking Village. Users who located the table informed the researcher that it contained working credentials.
In CISO Advisor
Podcast
Internet Security Series: Is there software for everything?
- Produced by CBN Maringá
- Platform: Spotify
- 20 minutes
- Free
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
