1. Nmap Online
  2. Cybersecurity News

Cybersecurity News

Data breach hits 30,000 signed up to workplace pensions provider

Data breach hits 30,000 signed up to workplace pensions provider

Fraud worries as UK company Now:Pensions says ‘third-party contractor’ posted personal details of clients to online public forum

About 30,000 customers of Now:Pensions face an anxious Christmas after a serious data breach at the pensions provider led to their sensitive personal details being posted on the internet.

In an email sent to affected customers, the workplace pensions firm warned that names, postal and email addresses, birth dates and National Insurance numbers all appeared in a public forum online.

Continue reading...
23 December 2020

Lazarus Group Seeks Intelligence Related to COVID-19

Researchers attribute attacks targeting a pharmaceutical company and a government ministry related to COVID-19 response.
23 December 2020

Third-Party APIs: How to Prevent Enumeration Attacks

Third-Party APIs: How to Prevent Enumeration Attacks Jason Kent, hacker-in-residence at Cequence, walks through online-retail card fraud and what to do about it.
23 December 2020

Hey Alexa, Who Am I Messaging?

Hey Alexa, Who Am I Messaging? Research shows that microphones on digital assistants are sensitive enough to record what someone is typing on a smartphone to steal PINs and other sensitive info.
23 December 2020

Emotet Returns to Hit 100K Mailboxes Per Day

Emotet Returns to Hit 100K Mailboxes Per Day Just in time for the Christmas holiday, Emotet is sending the gift of Trickbot.
23 December 2020

Enterprise IoT Security Is a Supply Chain Problem

Organizations that wish to take advantage of the potential benefits of IoT systems in enterprise environments should start evaluating third-party risk during the acquisition process.
23 December 2020

7 ways malware can get into your device

You know that malware is bad, but are you also aware of the various common ways in which it can infiltrate your devices?

The post 7 ways malware can get into your device appeared first on WeLiveSecurity

23 December 2020

DHS warns against using Chinese hardware and digital services

US says Chinese companies are engaging in "PRC government-sponsored data theft."
22 December 2020

SolarWinds Campaign Focuses Attention on 'Golden SAML' Attack Vector

Adversaries that successfully execute attack can achieve persistent anytime, anywhere access to a victim network, security researchers say.
22 December 2020

Emotet Campaign Restarts After Seven-Week Hiatus

Multiple security researchers note the return of an email campaign attempting to spread the malware, which is often used to drop the Ryuk ransomware and Trickbot banking Trojan.
22 December 2020

Microsoft Ups Security of Azure AD, Identity

A roundup of Microsoft's recent security news and updates that focus on protecting identity.
22 December 2020

Holiday Puppy Swindle Has Consumers Howling

Holiday Puppy Swindle Has Consumers Howling Those buying German Shepherd puppies for Bitcoin online are in for a ruff ride.
22 December 2020

Test

Test More than 45 million unique images, such as X-rays and MRI scans, are accessible to anyone on the Internet, security firm says.
22 December 2020

5 Email Threat Predictions for 2021

5 Email Threat Predictions for 2021 As domains get cheaper, account takeovers get easier, and cloud computing usage expands, email-borne attacks will take advantage.
22 December 2020

Prepare to Fight Upcoming Cyber-Threat Innovations

Cybercriminals are preparing to use computing performance innovations to launch new types of attacks.
22 December 2020

Law Enforcement Disrupts VPN Services Enabling Cybercrime

The United States and international partners shut down three bulletproof hosting services used to facilitate criminal activity.
22 December 2020

Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group

Tech Giants Lend WhatsApp Support in Spyware Case Against NSO Group Google, Microsoft, Cisco Systems and others want appeals court to deny immunity to Israeli company for its alleged distribution of spyware and illegal cyber-surveillance activities.
22 December 2020

Joker’s Stash Carding Site Taken Down, for Now

Joker’s Stash Carding Site Taken Down, for Now The underground payment-card data broker saw its blockchain DNS sites taken offline after an apparent law-enforcement effort.
22 December 2020

Security as Code: How Repeatable Policy-Driven Deployment Improves Security

The SaC approach lets users codify and enforce a secure state of application configuration deployment that limits risk.
22 December 2020

Patrick Wardle on Hackers Leveraging ‘Powerful’ iOS Bugs in High-Level Attacks

Patrick Wardle on Hackers Leveraging ‘Powerful’ iOS Bugs in High-Level Attacks Noted Apple security expert Patrick Wardle discusses how cybercriminals are stepping up their game in targeting Apple users with new techniques and cyberattacks.
22 December 2020