Amazon extends ban on police using Rekognition facial recognition technology, no end in sightThe existing moratorium will continue as Congress has not tackled concerns raised by the use of the technology in criminal cases.
Cybercriminals scanned for vulnerable Microsoft Exchange servers within five minutes of news going publicResearch suggests the cheap hire of cloud services has allowed cyberattackers to quickly pick out targets.
Colonial Pipeline attack: Hacking the physical world
The attack is a reminder of growing cyberthreats to critical infrastructure while also showing why providers of essential services are ripe targets for cybercriminals
The post Colonial Pipeline attack: Hacking the physical world appeared first on WeLiveSecurity
This is how the Cobalt Strike penetration testing tool is being abused by cybercriminalsCobalt Strike is a popular tool with cybersecurity professionals. Unfortunately, it’s also utilized by threat actors.
How to Get Employees to Care About SecurityWant to a security awareness program that sticks? Make it fun and personal -- and offer free lunch.
How Attackers Weigh the Pros and Cons of BEC TechniquesSecurity researchers discuss attackers' evolving methodologies in business email compromise and phishing campaigns.
Scammers Pose as Meal-Kit Services to Steal Customer DataAttackers are sending messages disguised as offers from meal-kit services, like HelloFresh.
Request for Comments: P2PE v3.1 Draft Standard
P2PE Assessors and Participating Organizations are invited to provide feedback on the draft P2PE v3.1 Standard minor revision during a 30-day request for comments (RFC) period running from 18 May through 17 June 2021. This minor revision primarily includes updates to Domain 5 to align with the updates, as applicable, from the PCI PIN v3.1 Standard minor revision published in March 2021. Additional errata updates are also included.
Stalkerware Apps Riddled with Security BugsAttackers can take advantage of the fact these apps access, gather, store and transmit more information than any other app their victims have installed.
Splunk to Acquire TruStar for Data ManagementSplunk said it will integrate TruStar's data-sharing capabilities into its Data-to-Everything platform following the acquisition.
FBI's IC3 Logs 1M Complaints in 14 MonthsThe FBI's IC3 reportsCOVID-related scams and an increase in online retail may be behind the upswing in complaints.
Why Anti-Phishing Training Isn't EnoughNot only is relying on employees' awareness insufficient to prevent sophisticated social engineering attacks, some training methods can create other problems.
Scams target families of missing persons, FBI warns
Con artists use social media to find and target victims for various nefarious ends, including to extort relatives of missing persons
The post Scams target families of missing persons, FBI warns appeared first on WeLiveSecurity