ALERTS

Featured threats from the digital world

Find out about the latest news and security breaches

Threats


Chrome Zero-Day Vulnerability Being Actively Exploited

A high severity vulnerability in Google Chrome (CVE-2021-30551), caused by a type confusion issue in the V8 JavaScript engine, is actively being exploited in the wild. Google has released an update to patch this vulnerability, along with 13 other medium to critical severity vulnerabilities.

Type: Vulnerability
Category: Security update
Severity: MEDIUM
Date: Jun 10, 2021


Fujifilm Suffers Suspected REvil Ransomware Attack

Fujifilm has shut down some of their networks after a ransomware attack on June 1st. REvil is suspected to be behind the attack, partially due to the Qbot trojan being used in the initial stage of the attack. As Fujifilm has chosen not to pay the ransom, stolen data will likely show up on a ransomware leak site in the next few days.

Type: Malware
Category: Ransomware
Severity: MEDIUM
Date: Jun 4, 2021


Threat actors behind SolarWinds attack are now spear phishing

The threat actors behind the massive SolarWinds attack have been discovered to be operating a spear-phishing campaign. The group recently began using a compromised Constant Contact account to send tailored phishing emails. The spear-phishing email contains a malicious HTML attachment which drops an ISO image containing further malware.

Type: Malware
Category: Typical malware
Severity: MEDIUM
Date: May 28, 2021


New RAT fakes being ransomware

Microsoft Security Intelligence has released information regarding a remote access trojan, named StrRAT, that masquerades as ransomware. This RAT steals browser credentials, logs keystrokes, can remotely control your systems, and also renames files to make them appear to have been ransomed. Files renamed with the .crimson extension are an indicator of compromise.

Type: Malware
Category: Typical malware
Severity: MEDIUM
Date: May 27, 2021


Zeppelin Ransomware Returns

After a brief hiatus, Zeppelin ransomware has resumed activity. The team behind this ransomware relies on more traditional attack vectors such as RDP and VPN vulnerabilities or phishing. Due to Zeppelin's sale model, new variants and the downloaders they use can be hard to initially detect.

Type: Malware
Category: Typical malware
Severity: MEDIUM
Date: May 25, 2021


Researchers have discovered a new banking malware from Brazil named Bizarro

Bizarro is a new banking trojan family originating in Brazil that is now also found in other countries. Cybercriminals behind this malware family are adopting various technical methods to complicate malware analysis and detection, as well as social engineering tricks that help convince targets to give out their online banking credentials. Bizarro is distributed via MSI packages downloaded by victims from links in spam emails. Once launched, Bizarro downloads a ZIP archive from a compromised website to implement further malicious functions.

Type: Malware
Category: Typical malware
Severity: MEDIUM
Date: May 21, 2021


Microsoft warns of data stealing malware called STRRAT that pretends to be ransomware

This RAT is infamous for its ransomware-like behavior of appending the file name extension .crimson to files without actually encrypting them. The new wave of attacks commences with spam emails sent from compromised email accounts with 'Outgoing Payments' in the subject line, luring the recipients into opening malicious PDF documents that claim to be remittances, but in reality connect to a rogue domain to download the STRRAT malware.

Type: Malware
Category: Typical malware
Severity: MEDIUM
Date: May 21, 2021


CISA warns of new activity by the ransomware group called FiveHands

The US Cybersecurity & Infrastructure Security Agency (CISA) has warned organizations to be cautious of a relatively new ransomware group called FiveHands. FiveHands ransomware has been around since January 2021, and the group using it has been exploiting a zero-day vulnerability in SonicWall VPN (CVE-2021-20016).

Type: Malware
Category: Ransomware
Severity: MEDIUM
Date: May 12, 2021


Shutdown of a Top U.S. Pipeline after Ransomware attack

Top U.S. pipeline, Colonial Pipeline, shuts down after DarkSide ransomware attack

Type: Malware
Category: Ransomware
Severity: MEDIUM
Date: May 10, 2021


What to do after a security breach?

We recommend following these steps to keep your personal information safe and protect your digital identity.

Change your password

Make the password unique and different from the others you use. A good strategy is to combine two or more unrelated words to create a complete, unique and secure password.

Update other logins that use the same password

Reusing passwords turns a single data breach into several. Now that the password is exposed, hackers can use it to access other accounts.

Use a password manager to take your passwords everywhere

Use a manager to securely access the passwords saved in your browser from anywhere, even outside the browser.

Use a service that masks your IP address

Your IP (Internet Protocol) address indicates your location and Internet service provider. A service such as Firefox Private Network masks your IP address to hide your location.

Avoid using personal information in PINs

Because your date of birth is easy to find in public records, it is best to avoid using it in passwords and PINs. People who know your birthday can also guess your PIN very easily.

Set up two-factor authentication (2FA)

Many sites offer 2FA as an extra security measure. It requires another piece of information to log in to your account, such as a one-time code you receive by SMS text message.