Cybersecurity News
Google Chrome Makes It Easier to Update Compromised Passwords
A new capability will use Google's Duplex technology to alert people when their passwords are compromised and help change them.19 May 2021
Can Nanotech Secure IoT Devices From the Inside-Out?
Work's being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats.
19 May 2021
Attackers Took 5 Minutes to Start Scanning for Exchange Server Flaws
Research underscores the acceleration of attack activity and points to a growing concern that defenders can't keep pace.19 May 2021
Microsoft, Google Clouds Hijacked for Gobs of Phishing
Attackers sent 52M malicious messages leveraging the likes of Office 365, Azure, OneDrive, SharePoint, G-Suite and Firebase storage in Q1 2021.
19 May 2021
Automation & Pervasive, Connected Technology to Pose Cyber Threats in 2030
A project to look at potential cybersecurity threats in a decade sees hackers and marketers sending spam directly to our vision, while attackers' automated systems adapt faster than defenses.19 May 2021
Colonial Pipeline CEO Confirms Ransom Payment
CEO Joseph Blount says the $4.4 million payment was a necessary decision amid high-stakes infrastructure disruption.19 May 2021
How to Adapt to Rising Consumer Expectations of Invisible Security
Working from home has changed users' ideas about seamless security. Here's how to address them.19 May 2021
Keksec Cybergang Debuts Simps Botnet for Gaming DDoS
The newly discovered malware infects IoT devices in tandem with the prolific Gafgyt botnet, using known security vulnerabilities.
19 May 2021
Paving the way: Inspiring Women in Payments - A Q&A featuring Neha Abbad
Just prior to the onset of the COVID-19 pandemic in India, Neha Abbad got an opportunity to work as a part of a high performing team at MattsenKumar Cyber Services in Gurgaon, a top metropolitan city of India. Accepting the challenge meant being separated from her family for months during the country-wide, pandemic-related lockdown. While difficult, the new work greatly inspired her and the support and encouragement from her seniors helped her build confidence that she had the capability to deliver. In this edition of our blog, Neha explains that women should never doubt their abilities if only others realized what women bring to the payment industry.
19 May 2021
Recycle Your Phone, Sure, But Maybe Not Your Number
Many online services allow users to reset their passwords by clicking a link sent via SMS, and this unfortunately widespread practice has turned mobile phone numbers into de facto identity documents. Which means losing control over one thanks to a divorce, job termination or financial crisis can be devastating. Even so, plenty of people willingly abandon a mobile number without considering the potential fallout to their digital identities when those digits invariably get reassigned to someone else. New research shows how fraudsters can abuse wireless provider websites to identify available, recycled mobile numbers that allow password resets at a range of email providers and financial services online.19 May 2021
Credential Stuffing Reaches 193 Billion Login Attempts Annually
More attacks does not necessarily mean more threats, but all attacks types have increased, according to Akamai's new 'State of the Internet' report.19 May 2021
Windows PoC Exploit Released for Wormable RCE
The exploit pries open CVE-2021-31166, a bug with a CVSS score of 9.8 that was the baddest of the bad in Microsoft's Patch Tuesday release last week.
19 May 2021
How Ransomware Encourages Opportunists to Become Criminals
And what's needed to stop it: Better information sharing among private organizations and with law enforcement agencies.19 May 2021
Bug Exposes Eufy Camera Private Feeds to Random Users
Customers panic and question parent company Anker’s security and privacy practices after learning their home videos could be accessed and even controlled by strangers due to a server-upgrade glitch.
19 May 2021
Bizarro banking Trojan surges across Europe
Operators have so far targeted customers of at least 70 banks across Europe and South America.19 May 2021
Amazon extends ban on police using Rekognition facial recognition technology, no end in sight
The existing moratorium will continue as Congress has not tackled concerns raised by the use of the technology in criminal cases.19 May 2021
Cybercriminals scanned for vulnerable Microsoft Exchange servers within five minutes of news going public
Research suggests the cheap hire of cloud services has allowed cyberattackers to quickly pick out targets.19 May 2021
Colonial Pipeline attack: Hacking the physical world
The attack is a reminder of growing cyberthreats to critical infrastructure while also showing why providers of essential services are ripe targets for cybercriminals
The post Colonial Pipeline attack: Hacking the physical world appeared first on WeLiveSecurity
19 May 2021
This is how the Cobalt Strike penetration testing tool is being abused by cybercriminals
Cobalt Strike is a popular tool with cybersecurity professionals. Unfortunately, it’s also utilized by threat actors.19 May 2021
How to Get Employees to Care About Security
Want to a security awareness program that sticks? Make it fun and personal -- and offer free lunch.
18 May 2021