In the 165th edition of Internet Security Week, Windows malware scripts, business email hijacking, Brazil is the “leader” in WhatsApp attacks and much more.
News
Malware uses PDF files and Windows scripts in attacks against companies
A new file-based dissemination tactic is being used by cybercriminals to spread the QBot malware against corporate networks. Using replies to emails from compromised mailboxes, the criminals send supposed PDF files that, in reality, hide Windows scripts used to download and install malware that provides initial access to infected systems.
By Felipe Demartini on Canaltech
Qbot campaign uses malware to hijack business email
A new campaign by cybercriminal groups operating banking Trojans from the Qbot family uses a combination of PDF and Windows Script File (WSF) to install the malware and steal the victim's banking credentials.
In CISO Advisor
Brazil is the country with the most WhatsApp phishing attacks in 2022
Phishing attacks are growing sharply, with the total number of attacks double the number recorded in 2021.
By Nathalia Sica in Kaspersky Daily
How a discarded router can reveal company secrets to cybercriminals
Second-hand routers available on the market often haven't undergone a data sanitization process and are full of sensitive (and even confidential) information, according to research conducted by ESET.
In We Live Security
What is a sniffer and how to protect your company and employees
Contrary to popular belief, sniffers weren't created for malicious purposes. However, due to their functionality, they can also be used by cybercriminals in very dangerous ways, making it easier to expose all your digital activity.
By Kelvin Zimmer on Lumiun Blog
Payments company accused of helping scammers 'contact Microsoft about a virus' must pay $650,000
Two executives at a multinational payment processing company must pay $650,000 to the U.S. government, the FTC says, accusing them of knowingly processing credit card payments for Microsoft-themed support scammers.
By Jude Karabus in The Register
March 2023 broke ransomware attack records with 459 incidents
March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, a 91% increase from the previous month and a 62% increase from March 2022.
By Bill Toulas at Bleeping Computer
GitHub repositories removed to stop malware
Four GitHub repositories used by RedLine malware control panels have been suspended, halting the operation of the program that steals passwords saved in internet browsers, cybersecurity firm ESET reported. The program, which steals passwords saved in internet browsers, is a commodity malware that has been active since at least early 2020.
In CISO Advisor
5 most common digital scams against small and medium-sized businesses
According to research by security firm Kaspersky, digital attacks targeting small and medium-sized businesses (SMBs) in Brazil increased by 140% in 2022. This proves that cybercriminals are not only targeting large groups, but are increasingly targeting smaller businesses, which typically lack resources or do not invest in security.
By Claudio Yuge on Canaltech
Leak exposes health data of nearly 6 million Brazilians
The incident exposed employee data from 21 Brazilian companies. The leaked information included information on consultations, procedures, and exams performed.
By Francisco Camurça in We Live Security
Podcast
SegInfocast #87 – Security as a Service: An agile, comprehensive and accessible strategy for Security and Privacy
- In this webinar, we'll cover everything you need to know about the SECaaS model to increase your organization's security and privacy maturity level, building an effective Corporate Cybersecurity Program.
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://br.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
