Cybersecurity News
Hancock CCTV footage: security may have been breached, minister says
Justice secretary Robert Buckland calls for regular sweeps for hidden cameras in government offices
The justice secretary, Robert Buckland, has signalled that ministerial security may have been compromised as he called for regular security sweeps for cameras in ministers’ offices after the Matt Hancock scandal.
Hancock resigned as health secretary on Saturday following the leak of CCTV images from his departmental office showing him kissing his senior aide Gina Coladangelo.
Continue reading...GitHub bug bounties: payouts surge past $1.5 million mark
GitHub says that 2020 was the “busiest year yet” in vulnerability disclosure.Ministry of Defence employee charged in child pornography case
The charges stem from his participation in the “PedoPub” web forum.John McAfee obituary
Controversial antivirus software pioneer who entered US politics and became a fugitive from justiceAs the inventor of the antivirus software that bears his name, John McAfee, who has died aged 75 after apparently taking his own life in a Spanish prison, turned paranoia into a fortune. He was one of the first successful self-promoting celebrity millionaires whose power and media exposure provide untold influence in the US.
Moving from computer savant to spiritual guru, he then began an extended second act in Belize, where his outsized lifestyle fuelled his own personal paranoia, and led to his becoming the leading suspect in the murder of a beachfront neighbour.
Continue reading...Mercedes-Benz Customer Data Flies Out the Window
For over three years, a vendor was recklessly driving the cloud-stored data of luxury-car-owning customers and wannabe buyers.
New CPU Baseline for Windows 11 Will Ensure Better Security, Microsoft Says
Redmond's latest OS will run only on systems with TPM 2.0 chips.PS3 Players Ban: Latest Victims of Surging Attacks on Gaming Industry
Every Sony PlayStation 3 ID out there was compromised, provoking bans of legit players on the network.
MyBook Users Urged to Unplug Devices from Internet
Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a previously unknown critical flaw that can be triggered by anyone who knows the Internet address of an affected device.FIN7 ‘Pen Tester’ Headed to Jail Amid $1B in Payment-Card Losses
One of the Carbanak cybergang's highest-level hackers is destined to serve seven years while making $2.5 million in restitution payments.
Amazon Acquires Secure Messaging Platform Wickr
AWS CISO Stephen Schmidt says the acquisition is strategic amid the proliferation of remote work.Data Privacy Is in 23andMe CSO's DNA
How serious is the company about safeguarding its customers and their genetic information? "We're hiding data even from ourselves," says the biotech and genetic testing company's head of security.
Cisco ASA Bug Now Actively Exploited as PoC Drops
In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish exploit code on Twitter.
My Book Live Users Wake Up to Wiped Devices, Active RCE Attacks
“I am totally screwed,” one user wailed after finding years of data nuked. Western Digital advised yanking the NAS storage devices offline ASAP: There's an exploit.
School's Out for Summer, but Don't Close the Book on Cybersecurity Training
Strengthening their security posture should be at the top of school IT departments' summer to-do list.High-Level FIN7 Member Sentenced to 7 Years in Prison
Andrii Kolpakov, who served as a high-level pentester for the criminal group, was also ordered to pay $2.5 million in restitution.Guidance: How PCI DSS Requirements Apply to WFH Environments
PCI DSS requirements may apply to work-from-home (WFH) environments in different ways, depending on the entity’s business and security needs and how they have configured their infrastructure to support personnel working from home. Additionally, the job functions an individual is performing may also affect how PCI DSS applies—for example, whether an individual requires access to payment card account data or to the entity’s CDE, and the type of access required.
Have I gone too far in monitoring my children’s online activity? | Annalisa Barbieri
At this stage, being a parent is more about negotiation and trust, says Annalisa Barbieri. Sit down as a family and talk about it – make rules together
I have two children, aged nine and 11. We’ve always limited their tech but just before the pandemic, we bought them tablets to give them access to education, entertainment and their friends. Then I became concerned about their increasing use and placed more limits on screen time.
Full disclosure: I am a phone addict. So I introduced a rule where we all put our devices in a box when we aren’t using them (I break this rule most). During the last lockdown, we got my older child a phone. She had already asked for TikTok – her friends all had it, but I refused because it has all sorts of age-inappropriate stuff. However, that was how her friends communicated, so I allowed it as long as it was a private account on my device, so I could monitor it and her messages. She agreed to this reluctantly. I know I need to step back, but how do I do that without neglecting my duties as a parent?
Related: How can I help my 76-year-old mother date safely online?
Continue reading...7 Unconventional Pieces of Password Wisdom
Challenging common beliefs about best practices in password hygiene.
Week in security with Tony Anscombe
Telling state-backed hackers apart from cybercriminals – How to check if a website is safe – Gaming firms plagued by cyberattacks amid the pandemic
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Hackers Crack Pirated Games with Cryptojacking Malware
Threat actors have so far made about $2 million from Crackonosh, which secretly mines Monero cryptocurrency from affected devices.