TOP STORIES OF APRIL 2018 OngoingSecurity Av. 171,Paulista 4 Andar CEP 01.311 “ SEC RITY is without nothing - 000 (SP)São Paulo BRASIL E “ U ” - mail:[email protected]

CYBERSECURITY NEWS TOP STORIES OF APRIL 2018 OngoingSecurity ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ Oracle Won Cyber NATO Leaks Personal Cryptocurrency Information for Thousands of Investors Portugal Portugal Vulnerability Disclosure: VPN Major Leaks on3 Found VPNs Altaba Hacker Hijacksof Server DNS Ski lift shut down on thesame day USERS, AGAINSPY ONRESEARCHERSAMAZON'S TO HACKED ALEXA DDoS attacks 2018 in Q1 Researchers Find Way Master Hotels Keys to to Create Survey 2018 Breaches Security Cyber DOWN PARALYSINGTAKEN INTERNET BIGGEST DDOS ATTACKS MARKETPLACE WORLD'S SELLING Necurs Update to enable mitigation against "Rubella on Underground Macro Emerges Builder"Crimeware Kit Python Metamorfo PoC STATE PROPAGANDAISLAMIC ACTION IN COORDINATED TAKEDOWN LAWENFORCEMENT MACHINE HITBY Credentials viaTheft NTLM PDF Files PoC protection control discovered that panel the Two of security experts a Ski lift in Austria was online exposed without any Same Supporting for PrisonFriend Man Out Long to Bust Sentence System Who Hacked Jail Computer DOWN Telegram Program Bounty Uber's Bug Facebook Tracking Analyzing Operation Code Published Code an onAllfor Instant BSOD Triggering Windows Recent Versions crash for Windows7 Windows10a versions& NTFS , as Formerly Known With Yahoo!, FailingCharged to Disclose Massive Breach Cybersecurity Weblogic - Av. 171,Paulista 4 Andar CEP 01.311 Evolves File via to Evade Shortcut Spam Detection Internet Based Uses Exploit to Propagate NSA Joins Campaigns Targeting Brazilian Campaigns Targeting Users NATO Cyber NATO Server POC(CVE Server - - Site Cookies in Firefox 60 Defence Popular messaging app workingnot as major confirmed outage PoC GhostSecret via Tegra - Faasos Exercise Locked Shields Locked 2018 Exercise Defence MyEtherWallet SoCs - : Attack : Attack Data Seeks to Steal Worldwide 2018 Centre - Spectre 000 (SP)São Paulo BRASIL E - 2628) , Variant , 2 to Steal to Steal $160,000 Monero - mail:[email protected] (XMR) Miner

CYBERSECURITY NEWS TOP STORIES OF APRIL 2018 OngoingSecurity ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ Here are the 30 Red Bull websites thatarehacked 30 are the Here Thai Airways Website Hacked Evil App Detect macOS Can Maid Attacks No boundaries boundaries No for Facebook data: third Look A Sobering at Fake Online Reviews FDA Wants Medical Devices to HaveMandatory Built iOS How A Block Buster: Private Intelligence PlatformMillion 48 Leaked Personal Data Records with MacOS, Apple Users want chief iOS merge don't to says Rockwell Automation and Stratix RSAC: The Five Most Attacks Dangerous New According to SANS Report Threat 2018 Quarter First 's Data Investigations Breach Report 2018 PROBLEM SURFACE FOR OLD NEWATTACK CREDENTIALS: CLOUD of Users Chrome are Victims of Fake Ad Blockers 20,000,000 Over Vulnerability Execution Clients Code Cisco WebExRemote A Google a just for update bigproblem created anti LinkedIn AutoFill VisitorExposed Email Name, to Third Website leaves database of medics wide open Cisco SAMLAuthentication Vulnerability Rails Against Twitter Ad Ban Is Facebook's Anti The Weekin Ransomware Identity Protection to Offer Free SunTrust Zero Explorer Internet BeatCoin New MalwareZLAB Analysis Report Windows: policy WLDP CLSID COM Instantiation.NET UMCI Bypass Transcription Medical Leaked Service Records Trustjacking Orangeworm Av. 171,Paulista 4 Andar CEP 01.311 : LeakingPrivate Keys fromAir Attack Attack Exposes iPhones to Remote Hacking - Abuse Broken? System attack group targets the healthcare sector in the U.S., Europe,and sectorin healthcare the Asiaattack the targets group - Day Exploited inWild the by APT Group - April 20th 2018 April2018 20th - The ArmorStratix - Bandios 000 (SP)São Paulo BRASIL E - - party trackers abuse Facebook Login GappedWallets Cryptocurrency - malware suite Reveton Switches - censorship tools - In Update Mechanisms Charges, Charges, - Party Websites - mail:[email protected] GandCrab , and More

CYBERSECURITY NEWS TOP STORIES OF APRIL 2018 OngoingSecurity ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ Critical Vulnerability in Found Majority of Devices LG NAS Tens of thousands per Gram What Data Does Using Facebook Facebook, Not Collect WhenI'mand Why? Full version of by Directorat CYBERUK GCHQ speech the Microsoftwith money laundering charged linked engineer to Cybercriminals Earn Millions, It Wildly And Spend Uncovering Roaming Mantis hijackinguses DNS Android to infect smartphones Unsafe inIntelSPI Opcodes exposed based products CVE IIS 6.0 WINDOWS Hackers stole a casino's high Thai Bangkok toPhuket, cry out: From they Oh, Bucket!mobile spillsoperator people's data 46k infected servers Take Down 52.000 TaskRabbit Takes Down App and Website AfterGettingHacked Android Apps for Kids Advisory: Russian State JavaScript Ransomware million, attack cost city $2.7 show records MobileChinese Device MakerU.S. Buying Goods ZTE From Banned work WhatsApp by 'groundbreaking' dealer photo caught drug THREE MALICIOUSAPPS GOOGLE PLAY FROM BOOTSMARKETPLACE TIED APTS TO Members Groups Facebook Deleted Cybercrime Had 300,000 Advisory: Russian State GRIZZLY STEPPE A Review of Drupal Recent Attacks (CVE breach saysin Nova Scotia charged he had'nomaliciousTeen government intent' to AssistFirms AccordNot Sign Tech Government HackingOperations 34 Ransomware as XIAOBA Repurposed Miner File and Infector Cryptocurrency 's investigations of the Leaking ads Av. 171,Paulista 4 Andar CEP 01.311 SecureRandom Drupalgeddon - Russian Malicious Activity Cyber - 2017 - - Sponsored Cyber Actors Targeting Network Infrastructure Devices Network Infrastructure Targeting CyberActors Sponsored Devices Network Infrastructure Targeting CyberActors Sponsored () isn't securelyrandom 2 - - CCleaner 7269 IS TARGETED AGAIN TO MINEELECTRONEUM 7269 rollerin lobby the database fisha through thermometer tank - 000 (SP)São Paulo BRASIL E APT - 2018 - 7600) - many old web wallets affected - mail:[email protected] Reveton ransomware

CYBERSECURITY NEWS TOP STORIES OF APRIL 2018 OngoingSecurity ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ When IdentityThievesHack Your Accountant Discovered Injection Technique 'Early Code New Bird' PowerHammer Debian Bug report logs report Debian Bug Critical Flaw inCyberArk Execution Found PasswordCode Enterprise Vault WORD MALWARE,DELIVERS ATTACHMENT FORMBOOKMACROS NO REQUIRED CVE Cinema voucher SirenJack Public Caribbean services island at the Sint Maartenshut down by a cyber Adobe, Push Critical Fixes Security Cards from FUZE Stealing Credit over Bluetooth Bounty Facebook Offering $40,000 Announces Police Secretary Home Crackdown on Dark Web Vevo Channels YouTube Suffer Music Video Hack Warning: Your Windows GetHackedVisitingPC Can byJust a Site!!! Brazilian Criminals Use HTTP Injectors toGain MobileAccess Free Internet Klepto Operation Parliament, who is doing what? 2018 Q1 APT Trends report Internet report Intelligence SAP Threat Cyber flawsSecurity in Siemens devices UPnProxy Glitch in Malware Distribution Raging HasCampaign for Been More Than Four Months Nation Related with to Privacy,FTC Claims Settlement Security to Expanded Uber Agrees Wallet hack: firm loses Exchange bitcoins in crore worth RsDelhi 20 - 2018 - Currency: Are Hackers Currency: Av. 171,Paulista 4 Andar CEP 01.311 State Attacks Take 500% Longer to Find Attacks State Longer Take 500% healt malspam : how activate sirensfalse and trigger alarms - : 4878 Exploit Builder 4878 Blackhat Report : Exfiltrating Data from Air - pusher tells 'attacked' customers: been your cards, Cancel we've credit campaign campaign temporarily spread of reduces Proxies via NAT Injections - #894667 beep: CVE #894667 Cryptojacking - 000 (SP)São Paulo BRASIL E - GappedPower Lines through Computers Your Processing Power? - 2018 - CVE - 0492 - 2018 Data Data Investigations Breach Report 2018 2018 - GandCrab 9119 - mail:[email protected] A ttack

CYBERSECURITY NEWS TOP STORIES OF APRIL 2018 OngoingSecurity ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ Netskope Matrix New Ransomware Variants Installed Via Desktop Hacked Remote Services Iran hit by global attack cyber leftthat U.S. flag on screens Korean cryptocurrency exchange boss arrested for exchange fraud cryptocurrency Korean Hacking your brain(scan): security bugsin EEG software hospitalsopen to attack Microsoft: microcode revision guidance million Data on upto87 Facebook users shared with UK firm Status System Technologies Latitude Current Cisco SmartInstall Execution Remote Code Dot Pocket Announcing Windows Insiderfor 10 PreviewSkip BuildAhead 17639 Korea North Meet Multiple CVE reports published Framework for Spring the Warns Serviceof Scheme Chip Card Secret APNewsBreak on Data Incident Security Statement Defend yourself capabilitieswith from new Officecybercrime 365 Incident Cyber Buy: Updates on [24]7.ai Best MacOS BackdoorLinked New to system transcribes words Computer users 'speak silently' Fake Software Update Abuses raids FBI How tokeepyour ISP's noseoutof your browserhistory DNS with encrypted A totality Users' Plaintext Passwords Data Exposes 130,000 Finland's Breach Largest 3rd Managing and Mitigating VulnerabilitiesSecurity at Auth0 Analysis of Tesla Agent Spyware VariantNew GiveDon't Away Historic Details YourselfAbout - cm VirusTotal Av. 171,Paulista 4 Andar CEP 01.311 cryptofarms Typosquatting Backpage - Discovers a full 100% - Linked Lazarus APT for suspected online Casino assault : US suspects cellphone spying devices in DC Droidy founders' founders' homes in Arizona ATMJackpot - Sites VisitedTimes in So Far 12M 2018 , our newAndroid sandbox of web applications are vulnerable to hackers NetSupport OceanLotus Siphoning Cash - 000 (SP)São Paulo BRASIL E Remote Access Remote Tool Found - mail:[email protected]

CYBERSECURITY NEWS TOP STORIES OF APRIL 2018 OngoingSecurity ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ A Trojan with HiddenMalicious Steals User's Code Messenger AppInformation 6.3 OpenBSD Apple Plans to Use ReplacingIts Own Chips Intel in Macs 2020, From of U.S. Defense Department Kicks With Off Challenge Bounty Fifth Bug REGARDINGKNOW WHATYOUSHOULDHERE'S OUR HIV STATUS DATA AND PRIVACY POLICY Analytica'sHow Cambridge model really Facebook targeting worked US Govt Wants Nearly All Visa Applicants Personal to HandOver Info Panerabread.com Leaks Millions of Records Customer users from Protecting extension Saks Taylor Fifth & Avenue andLord stores hackers stole debitcardinformationcredit and FIN7 from millions of consumers who have purchasedgoods at Fake AV Investigation Unearths Android Updates Security Bulletin Security Pixel/Nexus Attacker Behavior IndustryReport Gas Four Pipeline Data Down Shut as Systems HitsCyberattack Most Businesses Overlook MainframeOne Common VulnerabilitySecurity Magento Compromised Sites Delivering Malware Av. 171,Paulista 4 Andar CEP 01.311 - April 2018 KevDroid cryptojacking - 000 (SP)São Paulo BRASIL E , New Android , New Malware - mail:[email protected] HackerOne

CYBERSECURITY NEWS TOP STORIES OF APRIL 2018 About OngoingSecurity SERVICES SAP SECURITY IDENTITY & ACCESS MANAGMENT Information Security ▪ ▪ ▪ e abordagemVisão Holística Security Audit VulnerabilityAssessment Pentest ▪ ▪ ▪ via: Integração IDM/IAM com sistemas Análise Desenho do ciclode vida de acesso ▪ ▪ Military ▪ ▪ GDPR Normas e ProcedimentosPolíticas, us Operacional Táctica Estratégica DB Connection Webservices Adapters Hardening Perímetro Segurança Interna e de Data Compliance Av. 171,Paulista 4 Andar CEP 01.311 Bottom - Protection Advisor Grade Security de Sistemas - Up Officer - 000 (SP)São Paulo BRASIL E IS Solutions IT Solutions Gap SOD Z ▪ ▪ ▪ ▪ ▪ ▪ ▪ Processos de Acesso Lógico: ▪ ▪ ▪ VulnerabilityAssessment ▪ ▪ Pentest Infrastructure Critical Hacking - System Infrastructure Hacking Critical Blackbox Recuperação de Senhas Revisão Restauração Suspensão Alteração Revogação Concessão OnDemand Onsite SaaS, Analysis Code - mail:[email protected] Review ▪ conscientização Campanha de Cybersecurity AttackSurface Multidimentional ▪ ▪ ▪ ▪ Alocação de Talentos Compliance Report ▪ ▪ ▪ Perfis de Acesso Funções Definição de Funções Análise de Segregação ISO/IEC 27002 Banco de horas Projetos BodyShop Time & Material DAC MAC RBAC de Papéis e

CYBERSECURITY NEWS