---

15% of Ransomware Victims Paid Ransom in 2019, Quadrupling 2018

Increasing sophistication of ransomware attacks might be forcing victims to open their wallets. Click image to read more.

---

New Iranian data wiper malware hits Bapco, Bahrain's national oil company

Saudi Arabia's cyber-security agency spots new Dustman data-wiping malware.

---

Las Vegas Suffers Cyberattack on First Day of CES

The attack, still under investigation, hit early in the morning of Jan. 7.

---

Drake Lyrics Used as Calling Card in Malware Attack

A hacker who apparently likes the musician Drake leaves lyrics from the artist's song In My Feelings behind in an attack that delivers malware Lokibot or Azorult.

---

Developers Still Don't Properly Handle Sensitive Data

The top classes of vulnerabilities for 2019 indicate that developers still don't correctly sanitize inputs, nor protect passwords and keys as they should.

---

Operation Goldfish Alpha reduces cryptojacking across Southeast Asia by 78%

Interpol and CERT teams from 10 Southeast Asian countries crack down on hacked MikroTik routers.

---

Mozilla patches Firefox zero-day reported by Qihoo 360

Chinese security firm claims there's also an accompanying Internet Explorer zero-day.

---

Google's Project Zero Policy Change Mandates 90-Day Disclosure

The updated disclosure policy aims to achieve more thorough and improved patch development, Google reports.

---

Man Sentenced in ATM Skimming Conspiracy

A Romanian national has been sentenced to 5 years in prison after racking up almost $400,000 in an ATM skimming scheme.

---

Google Ditches Patch-Time Bug Disclosure in Favor of 90-Day Policy

Project Zero vulnerability disclosures will now happen at 90 days, even if a patch becomes available before then.

---

CES – Taking a smart city for a test drive

No one has a road map for securing a connected city – but there should be a whole atlas of such maps

The post CES – Taking a smart city for a test drive appeared first on WeLiveSecurity

---

CES – Taking a smart city for a test drive

No one has a road map for securing a connected city – but there should be a whole atlas of such maps

The post CES – Taking a smart city for a test drive appeared first on WeLiveSecurity

---

In App Development, Does No-Code Mean No Security?

No-code and low-code development platforms are part of application development, but there are keys to making sure that they don't leave security behind with traditional coding.

---

TikTok Bugs Put Users' Videos, Personal Data At Risk

Researchers found it was possible to spoof SMS messages from TikTok and exploit an API flaw that could grant access to users' personal data.

---

The "Art of Cloud War" for Business-Critical Data

How business executives' best intentions may be negatively affecting security and risk mitigation strategies -- and exposing weaknesses in organizational defenses.

---

Telegram opens lid on TON project amid SEC spat: ‘Grams won’t help you get rich’

No cryptocurrency wallet will be integrated with Telegram Messenger either -- at least, not yet.

---

ATM skimmer sentenced for fleecing $400,000 out of US banks

ATM users had their cards read and bank accounts pillaged.

---

Naive IoT botnet wastes its time mining cryptocurrency

Operators of LiquorBot botnet waste their time trying to mine Monero on hacked SOHO routers.

---

Mobile Apps

Only install mobile apps from trusted places, and always double-check the privacy settings to ensure you are not giving away too much information.

---

Signal app will support 'view-once' images and videos

Support for ephemeral multimedia messages to arrive in Signal within weeks.