Cybersecurity News


Experian’s Credit Freeze Security is Still a Joke

In 2017, KrebsOnSecurity showed how easy it is for identity thieves to undo a consumer's request to freeze their credit file at Experian, one of the big three consumer credit bureaus in the United States.  Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorization through Experian's website, and it reminded me of how truly broken authentication and security remains in the credit bureau space.
26 April 2021

Flubot Spyware Spreading Through Android Devices

Flubot Spyware Spreading Through Android Devices The malware is spreading rapidly through ‘missed package delivery’ SMS texts, prompting urgent scam warnings from mobile carriers.
26 April 2021

Proofpoint to Be Acquired by Thoma Bravo for $12.3B

The cybersecurity company will go private following the all-cash transaction.
26 April 2021

Nvidia Warns: Severe Security Bugs in GPU Driver, vGPU Software

Nvidia Warns: Severe Security Bugs in GPU Driver, vGPU Software The gaming- and AI-friendly graphics accelerators can open the door to a range of cyberattacks.
26 April 2021

Cybersecurity and the Way to a Balanced Life

Cybersecurity and the Way to a Balanced Life With work more demanding than ever, how can cybersecurity pros safeguard their organizations and their own mental well-being at the same time?
26 April 2021

Shift Left: From Concept to Practice

By moving security into development, your team can find and fix vulnerabilities before they become expensive, difficult, and publicly embarrassing problems.
26 April 2021

Darktrace slashes valuation price estimate ahead of IPO: report

The caution is aimed at preventing share prices from tanking on debut.
26 April 2021

Prominent security expert Dan Kaminsky passes away at 42

Kaminsky is being remembered not only for his kindness but also for being a “force of nature” in the infosec community.
26 April 2021

4 common ways scammers use celebrity names to lure victims

All that glitters is not gold – look out for fake celebrity endorsements and other con jobs that aren’t going out of fashion any time soon

The post 4 common ways scammers use celebrity names to lure victims appeared first on WeLiveSecurity

26 April 2021

Thodex cryptocurrency exchange chief allegedly goes on the run with $2bn in client funds

The exchange claims such reports are “unfounded.”
26 April 2021

Never Give Your Password Over the Phone

Never give your password to someone over the phone. If someone calls you and asks for your password while saying they are from the Help Desk or Tech Support team, it is most likely an attacker attempting to gain access to your account.
26 April 2021

Window Snyder Launches Startup to Fill IoT Security Gaps

Window Snyder Launches Startup to Fill IoT Security Gaps Thistle Technologies aims to help connected device manufacturers securely deliver updates to their products.
23 April 2021

Oscar-Bait, Literally: Hackers Abuse Nominated Films for Phishing, Malware

Oscar-Bait, Literally: Hackers Abuse Nominated Films for Phishing, Malware Judas and the Black Messiah may be a favorite for Best Picture at the 93rd Academy Awards on Sunday, but it's a fave for cybercriminals too.
23 April 2021

Password Manager Suffers 'Supply Chain' Attack

A software update to Click Studios' Passwordstate password manager contained malware.
23 April 2021

Insider Data Leaks: A Growing Enterprise Threat

Report finds 85% of employees are more likely to leak sensitive files now than before the COVID-19 pandemic.
23 April 2021

Prometei Botnet Could Fire Up APT-Style Attacks

Prometei Botnet Could Fire Up APT-Style Attacks The malware is for now using exploits for the Microsoft Exchange "ProxyLogon" security bugs to install Monero-mining malware on targets.
23 April 2021

5 Fundamental But Effective IoT Device Security Controls

5 Fundamental But Effective IoT Device Security Controls Matt Dunn, the associate managing director for cyber-risk at Kroll, discusses how to keep networks safe from insecure IoT devices.
23 April 2021

KnowBe4 Issues IPO to Drive Global Expansion, New Automation Features

Security awareness firm aims expand into Europe and Asia, and add automation and machine learning to its technology.
23 April 2021

Week in security with Tony Anscombe

WhatsApp Pink is not an update – Security holes in Apple's AirDrop – New zero-day plugged in Chrome

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

23 April 2021

Instagram rolls out new features to help prevent cyberbullying

The social media platform is stepping up efforts to help stomp out harassment and other abusive behavior

The post Instagram rolls out new features to help prevent cyberbullying appeared first on WeLiveSecurity

23 April 2021