In the 54th edition of Internet Security Week, an intern is found guilty of leaking a password, a social network was hacked, 7 lessons from 2020 about email security, and much more.
News
Former SolarWinds CEO Blames Intern for 'solarwinds123' Password Leak
The password in question, “solarwinds123,” was discovered in 2019 on the public internet by an independent security researcher who alerted the company that the leak had exposed a SolarWinds file server.
By Brian Fung and Geneva Sands at CNN
Pretend to be surprised: Brazil is the country that suffers the most phishing attempts
Kaspersky's latest survey confirms what we all already suspected: the Russian company has officially confirmed that Brazil is the country most affected by phishing attacks worldwide.
By Ramon De Souza on Canaltech
New attacks target Amazon and Slack
Hackers are targeting Amazon, Zillow, Lyft, and Slack NodeJS apps using a new 'Dependency Confusion' vulnerability to steal Linux password files.
By Lawrence Abrams in Bleeping Computer
Critical vulnerability identified in PJeOffice, software of the National Council of Justice
A critical vulnerability has been identified in PJeOffice, software used by lawyers and judges across Brazil to digitally sign documents before sending them to the Electronic Judicial Process (PJe) platform.
By Ramon de Souza in The Hack
Serasa asks for bank password for research, and Procon wants to know why
The agency will assess whether the requirement (and possible use) of the internet banking password violated the Consumer Protection Code and the LGPD (General Data Protection Law).
By Hygino Vasconcellos in Uol
Social network Gab is hacked
GabLeaks includes 70,000 messages in more than 19,000 chats from more than 15,000 users. One of the hacked accounts belonged to former President Trump.
By Dan Goodin at ARS Technica
Microsoft Says Chinese Hackers Are Breaking Into Exchange Servers
Microsoft says Beijing-backed hackers are exploiting four zero-day vulnerabilities in Exchange Server to steal data from US defense contractors, law firms and infectious disease researchers.
By Simon Sharwood in The Register
Email Security: 7 Lessons from 2020
In 2020, we learned several things, perhaps the biggest one being remote work. But beyond that, the data collected by cybersecurity research firms provided us with other valuable insights for 2021.
By Kelvin Zimmer on Lumiun Blog
Trackers discovered in password management app
Seven trackers and eight suspicious permissions were found in LasPass, a password management app with over 10 million downloads on the Google Play Store.
By Guilherme Petry in The Hack
Data from 10,000 Brazilian financial company customers exposed online
A serious breach compromised the personal and financial data of more than 10,000 Brazilians, Prisma Promotora's financial services clients and partners.
By Felipe Demartini on Canaltech
Ransomware is a multi-billion dollar industry and continues to grow.
An analysis by global cybersecurity firm Group-IB reveals that ransomware attacks more than doubled last year and increased in scale and sophistication.
By Ionut Ilascu in Bleeping Computer
Events
Redweek 2.0 – Information Security Techs
- March 16, 2021, 9:30 AM – 10:30 AM
- Online event via Youtube
- Free
Not yet subscribed to our newsletter to receive this content weekly in your email? Then sign up using the link below:
https://conteudo.lumiun.com/semana-da-seguranca-na-internet
Share the link with your colleagues and friends.
