Cybersecurity News


Large-Scale Phishing Campaign Bypasses MFA

Large-Scale Phishing Campaign Bypasses MFA Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets.
13 July 2022

Collaboration and knowledge sharing key to progress in cybersecurity

In a world of ever-evolving cyberthreats, collaboration and knowledge exchange are vital for keeping an edge on attackers

The post Collaboration and knowledge sharing key to progress in cybersecurity appeared first on WeLiveSecurity

13 July 2022

Microsoft Patch Tuesday, July 2022 Edition

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the brakes on a plan to block macros in Office documents downloaded from the Internet.
12 July 2022

How War Impacts Cyber Insurance

How War Impacts Cyber Insurance Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market.
12 July 2022

‘Callback’ Phishing Campaign Impersonates Security Firms

‘Callback’ Phishing Campaign Impersonates Security Firms Victims instructed to make a phone call that will direct them to a link for downloading malware.
12 July 2022

Play it safe: 5 reasons not to download pirated games

It’s all fun and games until you get hacked – and this is just one risk of downloading cracked games

The post Play it safe: 5 reasons not to download pirated games appeared first on WeLiveSecurity

12 July 2022

Rethinking Vulnerability Management in a Heightened Threat Landscape

Rethinking Vulnerability Management in a Heightened Threat Landscape Find out why a vital component of vulnerability management needs to be the capacity to prioritize from Mariano Nunez, CEO of Onapsis and Threatpost Infosec Insiders columnist.
11 July 2022

Popular NFT Marketplace Phished for $540M

Popular NFT Marketplace Phished for $540M In March, a North Korean APT siphoned blockchain gaming platform Axie Infinity of $540M.
11 July 2022

Unveiling the New PCI SSC Website


The PCI Security Standards Council is pleased to announce the completion of the first phase of our newly redesigned website. The Council is committed to providing the latest payment security standards, training programs, certified listings, and educational resources to our global stakeholders- and the website is our primary channel to deliver this content. PCI SSC has prioritized feedback from the industry to improve the overall user experience. Visitors to our website will notice enhanced search functionality, improved navigation, and design changes which aid in making our site accessible to all.

11 July 2022

Experian, You Have Some Explaining to Do

Twice in the past month KrebsOnSecurity has heard from readers who've had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn't theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim's personal information and a different email address.
11 July 2022

Sneaky Orbit Malware Backdoors Linux Devices

Sneaky Orbit Malware Backdoors Linux Devices The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.
08 July 2022

Avoid travel digital disasters – Week in security with Tony Anscombe

Vacations are a great time to unwind, but if you're not careful, you may face a digital disaster. Here's how to keep your devices and data secure while you're on the move

The post Avoid travel digital disasters – Week in security with Tony Anscombe appeared first on WeLiveSecurity

08 July 2022

U.S. Healthcare Orgs Targeted with Maui Ransomware

U.S. Healthcare Orgs Targeted with Maui Ransomware State-sponsored actors are deploying the unique malware--which targets specific files and leaves no ransomware note--in ongoing attacks.
08 July 2022

Driving to France this summer? Watch out for scam websites before you go

Scammers don't take the summer off – be on your guard when buying your Crit'Air sticker

The post Driving to France this summer? Watch out for scam websites before you go appeared first on WeLiveSecurity

08 July 2022

How to keep your home secure when you travel

With travel stressful enough, you don't need the anxiety of wondering if your home is protected.
07 July 2022

Hack Allows Drone Takeover Via ‘ExpressLRS’ Protocol

Hack Allows Drone Takeover Via ‘ExpressLRS’ Protocol A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.
07 July 2022

Apple to launch ‘lockdown mode’ to protect against Pegasus-style hacks

Apple to launch ‘lockdown mode’ to protect against Pegasus-style hacks

Firm says function is intended for users who face ‘grave, targeted threats to their digital security’

Apple is launching a “lockdown mode” for its devices to protect people – including journalists and human rights activists – targeted by hacking attacks like those launched by government clients of NSO Group using its Pegasus spyware.

Apple will roll out the setting in the autumn and believes it would have prevented previously known spyware attacks by closing down technical avenues for digital espionage. It said the lockdown mode was intended for users who face “grave, targeted threats to their digital security”.

Continue reading...
06 July 2022

Human Error Blamed for Leak of 1 Billion Records of Chinese Citizens

Human Error Blamed for Leak of 1 Billion Records of Chinese Citizens A developer appears to have divulged credentials to a police database on a popular developer forum, leading to a breach and subsequent bid to sell 23 terabytes of personal data on the dark web.
06 July 2022

8 common Facebook Marketplace scams and how to avoid them

Here’s what to watch out for when buying or selling stuff on the online marketplace and how to tell if you’re being scammed

The post 8 common Facebook Marketplace scams and how to avoid them appeared first on WeLiveSecurity

06 July 2022

Google to wipe user location history for visits to healthcare clinics, domestic violence shelters

Even if location history is enabled, visits to locations considered sensitive will be removed from logs.
05 July 2022