Cybersecurity News


ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats

ThreatList: Cyber Monday Looms – But Shoppers Oblivious to Top Retail Threats Online shoppers are blissfully unaware of credit card skimming threats and malicious shopping apps as they head into this year's Black Friday and Cyber Monday holiday shopping events.
27 November 2020

5 Signs Someone Might be Taking Advantage of Your Security Goodness

5 Signs Someone Might be Taking Advantage of Your Security Goodness Not everyone in a security department is acting in good faith, and they'll do what they can to bypass those who do. Here's how to spot them.
27 November 2020

Failing Toward Zero: Why Your Security Needs to Fail to Get Better

Each security incident should lead to a successive reduction in future incidences of the same type. Organizations that fail toward zero embrace failure and learn from their mistakes.
27 November 2020

Networking equipment vendor Belden discloses data breach

Belden says hackers accessed a limited number of company's file servers.
27 November 2020

Personal data of 16 million Brazilian COVID-19 patients exposed online

Among those affected by the leak are Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors.
26 November 2020

FBI warns of threat actors spoofing Bureau domains, email accounts

The U.S. law enforcement agency shares a sampling of more than 90 spoofed FBI-related domains registered recently

The post FBI warns of threat actors spoofing Bureau domains, email accounts appeared first on WeLiveSecurity

26 November 2020

Federated Learning: A Therapeutic for what Ails Digital Health

Federated Learning: A Therapeutic for what Ails Digital Health Researchers show the promise of Federated Learning to protect patient privacy and improve healthcare outcomes across the world.
26 November 2020

Changing Employee Security Behavior Takes More Than Simple Awareness

Changing Employee Security Behavior Takes More Than Simple Awareness Designing a behavioral change program requires an audit of existing security practices and where the sticking points are.
26 November 2020

SIM swap scam: What it is and how to protect yourself

Here’s what to know about attacks where a fraudster has your number, literally and otherwise

The post SIM swap scam: What it is and how to protect yourself appeared first on WeLiveSecurity

26 November 2020

Sophos notifies customers of data exposure after database misconfiguration

Exclusive: Company says that only a small subset of customers were impacted.
26 November 2020

Xbox bug could have allowed hackers to link gamer tags with players' emails

The bug could have been exploited by playing around in a browser's developer console and editing a cookie field.
25 November 2020

Security researcher accidentally discovers Windows 7 and Windows Server 2008 zero-day

The vulnerability was discovered while the security researcher was working on a Windows security tool.
25 November 2020

Do You Know Who's Lurking in Your Cloud Environment?

A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform.
25 November 2020

Look Beyond the 'Big 5' in Cyberattacks

Don't ignore cyber operations outside US and European interests, researcher says. We can learn a lot from methods used by attackers that aren't among the usual suspects.
25 November 2020

Three members of TMT cybercrime group arrested in Nigeria

The TMT group has infected more than 50,000 organizations around the world with malware.
25 November 2020

Major BEC Phishing Ring Cracked Open with 3 Arrests

Major BEC Phishing Ring Cracked Open with 3 Arrests Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares.
25 November 2020

Critical MobileIron RCE Flaw Under Active Attack

Critical MobileIron RCE Flaw Under Active Attack Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.
25 November 2020

How to Update Your Remote Access Policy – And Why You Should Now

How to Update Your Remote Access Policy – And Why You Should Now Reducing the risks of remote work starts with updating the access policies of yesterday.
25 November 2020

Prevention Is Better Than the Cure When Securing Cloud-Native Deployments

Prevention Is Better Than the Cure When Securing Cloud-Native Deployments The "OODA loop" shows us how to secure cloud-native deployments and prevent breaches before they occur.
25 November 2020

Why Security Awareness Training Should Be Backed by Security by Design

Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior.
25 November 2020