Data for 700 million LinkedIn users up for grabs on hacker forum
Information scraped from LinkedIn user profiles includes full names, gender, email addresses and phone numbers
The post Data for 700 million LinkedIn users up for grabs on hacker forum appeared first on WeLiveSecurity
For UK foreign secretary, simply having a mobile represents a security risk – analysis
Analysis: UK prides itself on GCHQ’s cyber capability – so availability of Raab’s number will have been embarrassing for him
Finding Dominic Raab’s mobile phone online is more than just embarrassing for the foreign secretary: it also represents a security risk, just as when it emerged Boris Johnson’s number could be easily found online in April.
Sophisticated spyware technology – of the type available to a rapidly growing number of governments outside the west – can, in some circumstances, be secretly inserted into a person’s phone without any interaction from the target.
Related: Dominic Raab’s mobile number freely available online for last decade
Related: Dominic Raab bodyguard suspended after gun reportedly left on planeContinue reading...
Dominic Raab’s mobile number freely available online for last decade
Exclusive: Finding raises questions for security services weeks after similar revelations about PM’s number
The private mobile number of Dominic Raab, the UK foreign secretary, has been online for at least 11 years, raising questions for the security services weeks after the prime minister’s number was also revealed to be accessible to anyone.
Raab’s number was discovered by a Guardian reader using a Google search. It appears to have been online since before he became an MP in 2010, and remained after he became foreign secretary and first secretary of state – de facto deputy prime minister – in 2019.
Related: For UK foreign secretary, simply having a mobile represents a security riskContinue reading...
3 Ways Cybercriminals Are Undermining MFAUsing multifactor authentication is an excellent security step, but like everything else, it is not foolproof and will never be 100% effective.
IBM Kestrel threat hunting language granted to Open Cybersecurity AllianceThe contribution is aimed at giving cybersecurity experts more time to conduct forensic activities.
Details of RCE Bug in Adobe Experience Manager RevealedDisclosure of a bug in Adobe’s content-management solution - used by Mastercard, LinkedIn and PlayStation – were released.
New ransomware highlights widespread adoption of Golang language by cyberattackersThe latest version of Go is being used to prevent reverse-engineering attempts.
Cobalt Strike Usage Explodes Among CybercrooksThe legit security tool has shown up 161 percent more, year-over-year, in cyberattacks, having “gone fully mainstream in the crimeware world.”
Data for 700M LinkedIn Users Posted for Sale in Cyber-UndergroundAfter 500 million LinkedIn enthusiasts were affected in a data-scraping incident in April, it's happened again - with big security ramifications.
Microsoft Refining Third-Party Driver Vetting Processes After Signing Malicious RootkitRogue driver was distributed within gaming community in China, company says.
5G Security Vulnerabilities Fluster Mobile OperatorsA survey from GSMA and Trend Micro shows a concerning lack of security capabilities for private 5G networks (think factories, smart cities, industrial IoT, utilities and more).
Attacks Erase Western Digital Network-Attached Storage DrivesThe company suspects a remote code execution vulnerability affecting My Book Live and My Book Live Duo devices and recommends that business and individual users turn off the drives to protect their data.
Request for Comments: PCI DSS v4.0 Draft Validation Documents
From 28 June to 28 July, PCI SSC stakeholders can participate in a Request for Comments (RFC) on a draft of the PCI DSS v4.0 draft validation documents. As indicated in a recent post on the PCI DSS v4.0 timeline, this RFC was added as a unique opportunity for the industry to provide feedback on drafts of the v4.0 Report on Compliance (ROC) Template and the ROC Attestations of Compliance (AOC). This RFC also introduces a new approach to merchant self-assessments, called Merchant Assessment Forms (MAFs), intended to replace Self-Assessment Questionnaires.