Cybersecurity News
I am a Medibank customer. Am I affected by the cyberattack? What can I do to protect myself?
Experts suggest using multifactor authentication and telling your bank to put extra security checks in place
- Follow our Australia news live blog for the latest updates
- Get our morning and afternoon news emails, free app or daily news podcast
Millions of Medibank’s current and former customers have had their personal information, including health claims, exposed in a hack of the company’s customer database.
Here’s what we know so far and what you can do.
name
address
date of birth
gender
Medicare card number (in some cases)
health claims made with Medibank (in some cases)
Continue reading...ConnectWise Quietly Patches Flaw That Helps Phishers
ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just days after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks.Top tips to save energy used by your electronic devices
With the rapidly rising energy prices putting a strain on many households, what are some quick wins to help reduce the power consumption of your gadgets?
The post Top tips to save energy used by your electronic devices appeared first on WeLiveSecurity
Password app LastPass hit by cybersecurity breach but says data remains safe
Company says its security system prevented the hacker accessing customer data or encrypted passwords
- Follow our Australia news live blog for the latest updates
- Get our morning and afternoon news emails, free app or daily news podcast
Password manager LastPass has told customers that some of their information has been accessed in a cybersecurity breach, but says passwords remain safe.
LastPass is one of several password managers in the market that aims to reduce the reuse of passwords online, by storing themin a single app. It also makes it easier for users to generate strong passwords as required.
Continue reading...Medibank hackers announce ‘case closed’ and dump huge data file on dark web
The size of the data file suggests it may be the full trove of hundreds of thousands of customers’ private records that were stolen from the health insurer
- Follow our Australia news live blog for the latest updates
- Get our morning and afternoon news emails, free app or daily news podcast
The cybercriminals behind the Medibank cyber-attack have posted on the dark web what appears to be the remainder of what customer data they took from the health insurer, stating it is “case closed” for the hack.
On Thursday morning, the blog – which returned online after several days of being offline last week – posted “Happy Cyber Security Day!!! Added folder full. Case closed.” and included a file that has several compressed files amounting to over 5GB.
Continue reading...Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin
ESET researchers uncover Dolphin, a sophisticated backdoor extending the arsenal of the ScarCruft APT group
The post Who’s swimming in South Korean waters? Meet ScarCruft’s Dolphin appeared first on WeLiveSecurity
Is it worth taking out personal cyber insurance in case you are caught up in a data hack?
Experts say investing in identity theft protection may provide peace of mind, but won’t help recover lost information
The recent Optus and Medibank data breaches in which thousands of Australians had their personal information stolen have heightened public consciousness of the threat of identity fraud.
Information including names, dates of birth, addresses, phone numbers, passport and Medicare numbers, and even healthcare claims have been posted online in the past few months as a result of the high profile breaches.
Continue reading...U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer
A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.RansomBoggs: New ransomware targeting Ukraine
ESET researchers spot a new ransomware campaign that goes after Ukrainian organizations and has Sandworm's fingerprints all over it
The post RansomBoggs: New ransomware targeting Ukraine appeared first on WeLiveSecurity
MEPs’ spyware inquiry targeted by disinformation campaign, say experts
European parliament is investigating Pegasus, a powerful surveillance tool used by governments around the world
Victims of spyware and a group of security experts have privately warned that a European parliament investigatory committee risks being thrown off course by an alleged “disinformation campaign”.
The warning, contained in a letter to MEPs signed by the victims, academics and some of the world’s most renowned surveillance experts, followed news last week that two individuals accused of trying to discredit widely accepted evidence in spyware cases in Spain had been invited to appear before the committee investigating abuse of hacking software.
Continue reading...Spyware posing as VPN apps – Week in security with Tony Anscombe
The Bahamut APT group distributes at least eight malicious apps that pilfer victims' data and monitor their messages and conversations
The post Spyware posing as VPN apps – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Know your payment options: How to shop and pay safely this holiday season
'Tis the season for shopping and if you too are scouting for bargains, make sure to keep your money safe when snapping up those deals
The post Know your payment options: How to shop and pay safely this holiday season appeared first on WeLiveSecurity
10 tips to avoid Black Friday and Cyber Monday scams
It pays not to let your guard down during the shopping bonanza – watch out for some of the most common scams doing the rounds this holiday shopping season
The post 10 tips to avoid Black Friday and Cyber Monday scams appeared first on WeLiveSecurity
Bahamut cybermercenary group targets Android users with fake VPN apps
Malicious apps used in this active campaign exfiltrate contacts, SMS messages, recorded phone calls, and even chat messages from apps such as Signal, Viber, and Telegram
The post Bahamut cybermercenary group targets Android users with fake VPN apps appeared first on WeLiveSecurity
Security fatigue is real: Here’s how to overcome it
Do your employees take more risks with valuable data because they’ve become desensitized to security guidance? Spot the symptoms before it’s too late.
The post Security fatigue is real: Here’s how to overcome it appeared first on WeLiveSecurity
Paving the Way: Inspiring Women in Payments - A Q&A featuring Kara Gunderson
Kara Gunderson’s father always told her, “You have to arrange for your own good luck.” And this is a mantra that rings true for her. She believes that everyone, male or female, needs to work for their job. They need to roll up their sleeves, prove that they are willing to work hard, and that they are worthy of the position. In this edition of our blog, Kara explains that at one time she was one of the few women in petroleum payments and was held back because of her gender. But, over time, this has changed, and through hard work, she has arranged for her own good luck and success in the industry.
Facebook sued for collecting personal data to target adverts
In high court case that could set precedent for millions, Tanya O’Carroll alleges owner Meta is breaking UK data laws
A human rights campaigner is suing Facebook’s owner in the high court, claiming the company is disregarding her right to object against the collection of her personal data.
Tanya O’Carroll has launched a lawsuit against Mark Zuckerberg’s Meta alleging it has breached UK data laws by failing to respect her right to demand Facebook stop collecting and processing her data. Facebook generates revenue from building profiles of users and matching them with advertisers who direct ads at people targeting their specific interests and backgrounds.
Continue reading...Latest insights on APT activity – Week in security with Tony Anscombe
What have some of the world's most notorious APT groups been up to lately? A new ESET report released this week has the answers.
The post Latest insights on APT activity – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Tor vs. VPN: Which should you choose?
Both Tor and a VPN can greatly help you keep prying eyes away from your online life, but they’re also two very different beasts. Which is better for you?
The post Tor vs. VPN: Which should you choose? appeared first on WeLiveSecurity