Cybersecurity News
Cybercrime Losses Up 50%, Exceeding $1.8B
Fewer companies are being hit by cyber incidents, but those that do get hit are hit harder and more often.16 October 2020
TikTok Launches Bug Bounty Program Amid Security Snafus
The move is a distinct change in direction for the app, which has been criticized and even banned for its security practices.
16 October 2020
News Wrap: Barnes & Noble Hack, DDoS Extortion Threats and More
From a cyberattack on Barnes & Noble to Zoom rolling out end-to-end encryption, Threatpost editors break down the top security stories of the week.
16 October 2020
Azure Defender for IoT enters public preview
Azure Defender for IoT can help companies keep track of IoT/OT networks without having to install anything on their smart devices and industrial equipment.16 October 2020
BA fined record £20m for customer data breach
Personal details of more than 400,000 customers accessed by hackers in 2018
British Airways has been fined a record £20m for a data breach in which more than 400,000 customers’ personal details were compromised by hackers in 2018.
The fine is the biggest ever issued by the Information Commissioner’s Office (ICO), but a fraction of the £183m fine initially announced last year. This was reduced after investigators accepted BA’s representations about the circumstances of the attack; and was reduced further to take into account the dire financial position of BA since the onset of Covid-19.
Continue reading...16 October 2020
Billionaire CEO of software company indicted for alleged $2 billion tax evasion schemes
Robert Brockman is being accused of running tax evasion schemes spanning across decades.16 October 2020
5 things you can do to secure your home office without hiring an expert
You don’t need a degree in cybersecurity or a bottomless budget to do the security basics well – here are five things that will get you on the right track
The post 5 things you can do to secure your home office without hiring an expert appeared first on WeLiveSecurity
16 October 2020
Adobe patches Magento bugs that lead to code execution, customer list tampering
The out-of-band security update tackles eight critical and important vulnerabilities.16 October 2020
800,000 SonicWall VPNs vulnerable to new remote code execution bug
VPN vulnerabilities — the gift that keeps on giving (to attackers).16 October 2020
Attending a Video Conference
When attending a video conference, make sure you are using the latest version of the conferencing software. In addition, if you are using the video option make sure there is nothing sensitive behind you that others would see.16 October 2020
Prolific Cybercrime Group Now Focused on Ransomware
Cybercriminal team previously associated with point-of-sale malware and data theft has now moved almost completely into the more lucrative crimes of ransomware and extortion.15 October 2020
US Indicts Members of Transnational Money-Laundering Organization
Members of the QQAAZZ group helped cybercriminals conceal origins of stolen funds, DoJ alleges.15 October 2020
Card details for 3 million Dickey's customers posted on carding forum
Dickey's Barbecue Pit, the largest barbecue restaurant chain in the US, suffered a POS breach between July 2019 and August 2020.15 October 2020
Critical Magento Holes Open Online Shops to Code Execution
Adobe says the two critical flaws (CVE-2020-24407 and CVE-2020-24400) could allow arbitrary code execution as well as read or write access to the database.
15 October 2020
Breach at Dickey’s BBQ Smokes 3M Cards
One of the digital underground's most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week. KrebsOnSecurity has learned the payment card data was stolen in a two-year-long data breach at more than 100 Dickey's Barbeque Restaurant locations around the country.15 October 2020
FIFA 21 Blockbuster Release Gives Fraudsters an Open Field for Theft
In-game features of the just-released FIFA 21 title give scammers easy access its vast audience.
15 October 2020
Twitter Hack Analysis Drives Calls for Greater Security Regulation
New York's Department of Financial Services calls for more cybersecurity regulation at social media firms following the "jarringly easy" Twitter breach.15 October 2020
Barnes & Noble Warns Customers About Data Breach
Famed bookseller says non-financial data was exposed in a new attack.15 October 2020
Overcoming the Challenge of Shorter Certificate Lifespans
We could be in the middle of a major transition to shorter and shorter certificate life spans, which has significant implications for how IT organizations manage certificates across the enterprise.15 October 2020
Ubisoft, Crytek data posted on ransomware gang's site
Details about hackers obtained the files remain unclear. Ransomware gang also threatened to leak the source code of Watch Dogs: Legion, an upcoming Ubisoft game.15 October 2020