Cybersecurity News
Nation-state Hackers Target Journalists with Goldbackdoor Malware
A campaign by APT37 used a sophisticated malware to steal information about sources , which appears to be a successor to Bluelight.
The trouble with BEC: How to stop the costliest internet scam
BEC fraud generated more losses for victims than any other type of cybercrime in 2021. It’s long past time that organizations got a handle on these scams.
The post The trouble with BEC: How to stop the costliest internet scam appeared first on WeLiveSecurity
No government and customer data was accessed.
Webcam hacking: How to know if someone may be spying on you through your webcam
Camfecting doesn’t ‘just’ invade your privacy – it could seriously impact your mental health and wellbeing. Here’s how to keep an eye on your laptop camera.
The post Webcam hacking: How to know if someone may be spying on you through your webcam appeared first on WeLiveSecurity
Cybersecurity threats to critical infrastructure – Week in security with Tony Anscombe
As the Five Eyes nations warn of attacks against critical infrastructure, we look at the potentially cascading effects of such attacks and how essential systems and services can ramp up their defense
The post Cybersecurity threats to critical infrastructure – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code
KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.Zero-Trust For All: A Practical Guide
How to use zero-trust architecture effectively in today's modern cloud-dependent infrastructures.
Skeletons in the Closet: Security 101 Takes a Backseat to 0-days
Nate Warfield, CTO at Prevailion, discusses the dangers of focusing on zero-day security vulnerabilities, and how security teams are being distracted from the day-to-day work that prevents most breaches.
LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave
For as long as crypto is lucrative, cyberattackers will try to cash in.Beanstalk DeFi project robbed of $182 million in flash loan attack
Reserves were drained after the attacker awarded themselves voting rights.Hive hackers are exploiting Microsoft Exchange Servers in ransomware spree
In one case, it took them less than 72 hours to infiltrate and hold a company to ransom.Warrior Trading forced to pay $3 million for 'misleading' day trading scheme
The FTC says the firm's owner made "bogus money-making claims."Critical infrastructure: Under cyberattack for longer than you might think
Lessons from history and recent attacks on critical infrastructure throw into sharp relief the need to better safeguard our essential systems and services
The post Critical infrastructure: Under cyberattack for longer than you might think appeared first on WeLiveSecurity
Most Email Security Approaches Fail to Block Common Threats
A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs.
Is your Lenovo laptop vulnerable to cyberattack?
Here’s what to know about vulnerabilities in more than 100 Lenovo consumer laptop models and what you can do right away to stay safe – all in under three minutes
The post Is your Lenovo laptop vulnerable to cyberattack? appeared first on WeLiveSecurity
How can we support young people in harnessing technology for progress?
Young people are not passive victims of technology or helpless addicts. They are technology creators and agents with diverse backgrounds and interests.
The post How can we support young people in harnessing technology for progress? appeared first on WeLiveSecurity
Google: 2021 was a Banner Year for Exploited 0-Day Bugs
Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes.
Rethinking Cyber-Defense Strategies in the Public-Cloud Age
Exploring what's next for public-cloud security, including top risks and how to implement better risk management.
Paving the Way: Inspiring Women in Payments - A Q&A featuring Rema N. Deo
After a highly respected and widely loved company director passed away, Rema Deo was promoted into his position. Stepping into his shoes as head of a regional technology area was a challenge, made even more difficult when her peers kept comparing her with the prior chief and expected her to fail. In this edition of our blog, Rema describes how she blazed her own trail, gained respect from her peers in her own right, and would go on to become an owner of her company.
‘CatalanGate’ Spyware Infections Tied to NSO Group
Citizen Lab uncovers multi-year campaign targeting autonomous region of Spain, called Catalonia.