Cybersecurity News

No SOCKS, No Shoes, No Malware Proxy Services!

With the recent demise of several popular "proxy" services that let cybercriminals route their malicious traffic through hacked PCs, there is now something of a supply chain crisis gripping the underbelly of the Internet. Compounding the problem, several remaining malware-based proxy services have chosen to block new registrations to avoid swamping their networks with a sudden influx of customers.

02 August 2022

Coffee with the Council Podcast: A Mid-Year Update from the Council Featuring Lance Johnson

Welcome to our podcast series, Coffee with The Council. I'm Alicia Malone, senior manager of public relations for the PCI Security Standards Council. Today, we'll be giving a mid-year update on Council activities and what you need to know for the second half of 2022. My guest for this episode is Lance Johnson, executive director of PCI SSC. Welcome, Lance.

02 August 2022

Start as you mean to go on: the top 10 steps to securing your new computer

Whether you are getting ready for back-to-school season, getting new work laptop or fancying a new gamer's pc, learn the steps to protect your new PC from cyberthreats.

The post Start as you mean to go on: the top 10 steps to securing your new computer appeared first on WeLiveSecurity

02 August 2022

Securing Your Move to the Hybrid Cloud

Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.

01 August 2022

911 Proxy Service Implodes After Disclosing Breach

911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations. The abrupt closure comes ten days after KrebsOnSecurity published an in-depth look at 911 and its connections to shady pay-per-install affiliate programs that secretly bundled 911’s proxy software with other titles, including “free” utilities and pirated software.

29 July 2022

Music streaming platform victim of a crypto theft – Week in security with Tony Anscombe

Cybercriminals exploited a vulnerability to steal the equivalent of 18M$ from the NFT music streaming platform Audius, while other cyberthreats related to crypto makes the news.

The post Music streaming platform victim of a crypto theft – Week in security with Tony Anscombe appeared first on WeLiveSecurity

29 July 2022

Malicious Npm Packages Tapped Again to Target Discord Users

Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.

29 July 2022

Staying safe online: How to browse the web securely

Learn to spot some of the threats that you can face while browsing online, and the best tips to stay safe on the web.

The post Staying safe online: How to browse the web securely appeared first on WeLiveSecurity

29 July 2022

Breach Exposes Users of Microleaves Proxy Service

Microleaves, a ten-year-old proxy service that lets customers route their web traffic through millions of Microsoft Windows computers, exposed their entire user database and the location of tens of millions of PCs running the proxy software. Microleaves claims its proxy software is installed with user consent. But research suggests Microleaves has a lengthy history of being supplied with new proxies by affiliates incentivized to install the software any which way they can -- such as by secretly bundling it with other software.

28 July 2022

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwart a popular way to deliver malicious phishing payloads.

28 July 2022

Messaging Apps Tapped as Platform for Cybercriminal Activity

Built-in Telegram and Discord services are fertile ground for storing stolen data, hosting malware and using bots for nefarious purposes.

27 July 2022

Cash App fraud: 10 common scams to watch out for

It pays to be careful – here’s how you can stay safe from fake giveaways, money flipping scams and other cons that fraudsters use to trick payment app users out of their hard-earned cash

The post Cash App fraud: 10 common scams to watch out for appeared first on WeLiveSecurity

27 July 2022

A Retrospective on the 2015 Ashley Madison Breach

It's been seven years since the online cheating site AshleyMadison.com was hacked and highly sensitive data about its users posted online. The leak led to the public shaming and extortion of many AshleyMadison users, and to at least two suicides. To date, little is publicly known about the perpetrators or the true motivation for the attack. But a recent review of AshleyMadison mentions across Russian cybercrime forums and far-right underground websites in the months leading up to the hack revealed some previously unreported details that may deserve further scrutiny.

26 July 2022

Novel Malware Hijacks Facebook Business Accounts

Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.

26 July 2022

Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.

26 July 2022

IoT Botnets Fuels DDoS Attacks – Are You Prepared?

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.

26 July 2022