Cybersecurity News
Australian companies to face fines of $50m for data breaches
In wake of Optus and Medicare leaks, serious or repeated breaches of customer information will attract heavy penalties under new legislation
- Get our morning and afternoon news emails, free app or daily news podcast
Companies that fail to adequately protect people’s data could face fines of $50m or more under new legislation to be introduced next week.
After Optus and Medibank reported significant breaches of customer data, including sensitive health information, the Albanese government was now moving to increase penalties for serious or repeated breaches of customer data.
Sign up for our free morning newsletter and afternoon email to get your daily news roundup
Continue reading...APT‑C‑50 updates FurBall Android malware – Week in security with Tony Anscombe
ESET Research spots a new version of Android malware known as FurBall that APT-C-50 is using in its wider Domestic Kitten campaign
The post APT‑C‑50 updates FurBall Android malware – Week in security with Tony Anscombe appeared first on WeLiveSecurity
EnergyAustralia latest to be hit by cyber-attack as details of hundreds of customers exposed
Electricity company says attack accessed information on 323 customers but ‘no evidence’ data was transferred elsewhere
- Get our morning and afternoon news emails, free app or daily news podcast
EnergyAustralia has become the latest company to be targeted by a cyber-attack, with hundreds of customers’ details exposed.
In a statement released late on Friday, the electricity company said 323 residential and small business customers were affected by unauthorised access to their online platform, My Account.
Sign up for our free morning newsletter and afternoon email to get your daily news roundup
Continue reading...Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn
On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat a significant uptick in the creation of fake employee accounts that pair AI-generated profile photos with text lifted from legitimate users.Dispatch from the Europe Community Meeting
Today was the final day of the 2022 Europe Community Meeting. Alicia Malone, Senior Manager of Public Relations sits down to provide a recap of the event. Highlights from the conversation include:
Domestic Kitten campaign spying on Iranian citizens with new FurBall malware
APT-C-50’s Domestic Kitten campaign continues, targeting Iranian citizens with a new version of the FurBall malware masquerading as an Android translation app
The post Domestic Kitten campaign spying on Iranian citizens with new FurBall malware appeared first on WeLiveSecurity
Don’t get scammed when buying tickets online
With hot-ticket events firmly back on the agenda, scammers selling fake tickets online have also come out in force
The post Don’t get scammed when buying tickets online appeared first on WeLiveSecurity
How Card Skimming Disproportionally Affects Those Most In Need
When people banking in the United States lose money because their payment card got skimmed at an ATM, gas pump or grocery store checkout terminal, they may face hassles or delays in recovering any lost funds, but they are almost always made whole by their financial institution. Yet, one class of Americans -- those receiving food assistance benefits via state-issued prepaid debit cards -- are particularly exposed to losses from skimming scams, and usually have little recourse to do anything about it.5 steps to protect your school from cyberattacks
What can schools, which all too often make easy prey for cybercriminals, do to bolster their defenses and keep threats at bay?
The post 5 steps to protect your school from cyberattacks appeared first on WeLiveSecurity
Anti-Money Laundering Service AMLBot Cleans House
AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.ESET research into POLONIUM’s arsenal – Week in security with Tony Anscombe
More than a dozen organizations operating in various verticals were attacked by the threat actor
The post ESET research into POLONIUM’s arsenal – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Life in pursuit of answers: In the words of Ada Yonath
From a little girl financially helping her family in Jerusalem to a Nobel Prize laureate. That is the exceptional life of Ada Yonath in a nutshell.
The post Life in pursuit of answers: In the words of Ada Yonath appeared first on WeLiveSecurity
How scammers target Zelle users – and how you can stay safe
Fraudsters use various tactics to separate people from their hard-earned cash on Zelle. Here’s how to keep your money safe while using the popular P2P payment service.
The post How scammers target Zelle users – and how you can stay safe appeared first on WeLiveSecurity
Microsoft Patch Tuesday, October 2022 Edition
Microsoft today released updates to fix at least 85 security holes in its Windows operating systems and related software, including a new zero-day vulnerability in all supported versions of Windows that is being actively exploited. However, noticeably absent from this month's Patch Tuesday are any updates to address a pair of zero-day flaws being exploited this past month in Microsoft Exchange Server.POLONIUM targets Israel with Creepy malware
ESET researchers analyzed previously undocumented custom backdoors and cyberespionage tools deployed in Israel by the POLONIUM APT group
The post POLONIUM targets Israel with Creepy malware appeared first on WeLiveSecurity
Steam account stolen? Here’s how to get it back
Has your Steam account been hacked? Here are the signs to look for and what you can do to get your account back.
The post Steam account stolen? Here’s how to get it back appeared first on WeLiveSecurity
Report: Big U.S. Banks Are Stiffing Account Takeover Victims
When U.S. consumers have their online bank accounts hijacked and plundered by hackers, U.S. financial institutions are legally obligated to reverse any unauthorized transactions as long as the victim reports the fraud in a timely manner. But new data released this week suggests that for some of the nation's largest banks, reimbursing account takeover victims has become more the exception than the rule.Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe
A look back on the key trends and developments that shaped the cyberthreat landscape from May to August of this year
The post Key takeaways from ESET Threat Report T2 2022 – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Government considers centralising digital ID verification on myGov in wake of Optus breach
Experts warn using any single system could have its own cybersecurity weaknesses leaving data vulnerable to misuse
- Follow our Australia news live blog for the latest updates
- Get our free news app, morning email briefing and daily news podcast
The Australian government is considering using myGov or its myGovID system to centralise digital identity authentication in the wake of the Optus data breach, but critics warn any single system could have its own cybersecurity weaknesses.
The former Telstra chief executive David Thodey was recruited to audit myGov when the Albanese government came into power, and his review would now examine whether myGov could be used to prevent people needing to present ID documents multiple times, a spokesperson for the government services minister, Bill Shorten, said.
Sign up to receive an email with the top stories from Guardian Australia every morning
Continue reading...The need to change cybersecurity for the next generation
Healthy habits that are instilled and nurtured at an early age bring lifelong benefits – the same applies to good cybersecurity habits
The post The need to change cybersecurity for the next generation appeared first on WeLiveSecurity