News on the blog!
Updates and improvements are necessary in every job, which is why our Newsletter is now called Internet Security Week .
In issue 40, 350,000 Spotify accounts hijacked, an attack that can steal a car in 90 seconds, penalties for cybercrimes, and much more.
News
Baidu leaks data from millions of Android app users
Baidu Maps and Baidu App exposed phone information and unique device numbers; the apps had already been banned from the Play Store.
By Leticia Riente in Olhar Digital
TSE admits that a DDoS attack took down the e-Título app during the elections
The Superior Electoral Court (TSE) assumed that the DDoS attack it suffered during the first round of the municipal elections, on Sunday (15) “may have caused instability in the e-Título application and in the electronic judicial process system (PJe)”.
By Guilherme M. Petry in The Hack
Around 350,000 Spotify accounts were hijacked through credential stuffing attacks.
Researchers discovered an exposed database containing 380 million records, including passwords that were used to hijack nearly 350,000 accounts.
By Amer Owaida at We Live Security
Attacker can steal a Tesla Model X in 90 seconds
The company is releasing a patch for the vulnerabilities, which allowed a researcher to break into a car in 90 seconds and drive away.
By Andy Greenberg in Wired
New Egregor ransomware operates with double-extortion attacks
Security experts say double extortion attacks are a trend among ransomware operators.
In Ciso Advisor
Senate toughens penalties for electronic crimes
The Senate approved last Wednesday (25) bill (PL) 4554/2020, authored by Izalci Lucas (PSDB-DF). The text determines an increase in penalties for those who commit electronic fraud.
By Rui Maciel in Canaltech
Bug allows bypassing two-factor authentication in cPanel
Web server administration software has already been installed on more than 70 million domains; the flaw is serious, but has already been fixed.
By Rafael Rigues in Olhar Digital
Smart doorbells send unencrypted data to China and can be easily hacked
The British consumer rights group Witch? has found security vulnerabilities across all levels in 11 different smart doorbells (IoT). The vulnerabilities were discovered in partnership with security researchers from NCC Group.
By Guilherme M. Petry in The Hack
DNS SAD – Analysis of the vulnerability that allows DNS poisoning attacks
Researchers have discovered a way to allow DNS poisoning attacks to return. In this post, we analyze how this vulnerability works and share some tips on how to mitigate it.
By Alan Warburton in We Live Security
Hackers believed to be Chinese spy on the Vatican again
The attacks are from the Mustang Panda group, and target organizations involved in relations between the Vatican and the Chinese Communist Party.
In Ciso Advisor
Brazil is one of the most targeted countries for major hacker attacks; understand
In the 2019 ITU (International Telecommunication Union) survey, the country ranked 70th. In the Americas, it ranked sixth, behind Paraguay.
By Felipe Oliveira in Tilt Uol
How to prevent a cyber attack: for small businesses
Here are many reasons to be concerned about the dangers of the internet, especially if you're in a business environment, and even worse, if you're a small or medium-sized business.
By Kelvin Zimmer on Lumiun Blog
CyberTeam: group that hacked the TSE has already attacked 61 other Brazilian websites
The perpetrators of the attacks carried out on the Superior Electoral Court (TSE) have been confirmed, culminating in the disclosure of several personal data belonging to the body's employees on the day of the 2020 municipal elections.
By Ramon De Souza on Canaltech
Material
Event
Information Security: development and implementation in the business environment
- December 2, 2020, 6:30 PM – 8:30 PM
- Online event via YouTube
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://conteudo.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
