Kazakh Govt. Used Spyware Against ProtestersResearchers have discovered that a Kazakhstan government entity deployed sophisticated Italian spyware within its borders.
Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware AttackA reported a "potentially dangerous piece of functionality" allows an attacker to launch an attack on cloud infrastructure and ransom files stored in SharePoint and OneDrive.
Magecart attacks are still around. And they are becoming more stealthyThey might not be the hottest topics in the cybersecurity realm anymore, but they are still a problem.
Voicemail Scam Steals Microsoft CredentialsAttackers are targeting a number of key vertical markets in the U.S. with the active campaign, which impersonates the organization and Microsoft to lift Office365 and Outlook log-in details.
Phishing awareness training: Help your employees avoid the hook
Educating employees about how to spot phishing attacks can strike a much-needed blow for network defenders
The post Phishing awareness training: Help your employees avoid the hook appeared first on WeLiveSecurity
1.5 million customers impacted by Flagstar Bank data breachThe security incident occurred in December 2021.
Why Paper Receipts are Money at the Drive-ThruCheck out the handmade sign posted to the front door of a shuttered Jimmy John's sandwich chain shop in Missouri last week. See if you can tell from the store owner's message what happened.
Crypto mixers: What are they and how are they used?
How crypto mixers, also known as crypto tumblers, are used to obscure the trail of digital money
The post Crypto mixers: What are they and how are they used? appeared first on WeLiveSecurity
How to spot malicious spam – Week in security with Tony Anscombe
As the risk of receiving a malware-laden email increases, take a moment to consider how to spot attacks involving malicious spam
The post How to spot malicious spam – Week in security with Tony Anscombe appeared first on WeLiveSecurity
China-linked APT Flew Under Radar for DecadeEvidence suggests that a just-discovered APT has been active since 2013.
State-Sponsored Phishing Attack Targeted Israeli Military OfficialsAnalysts have uncovered an Iran-linked APT sending malicious emails to top Israeli government officials.
Ransomware Risk in Healthcare Endangers PatientsRyan Witt, Proofpoint's Healthcare Cybersecurity Leader, examines the impact of ransomware on patient care.
Facebook Messenger Scam Duped MillionsOne well crafted phishing message sent via Facebook Messenger ensnared 10 million Facebook users and counting.
How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security
Emotet malware is back with ferocious vigor, according to ESET telemetry in the first four months of 2022. Will it survive the ever-tightening controls on macro-enabled documents?
The post How Emotet is changing tactics in response to Microsoft’s tightening of Office macro security appeared first on WeLiveSecurity
DragonForce Gang Unleash Hacks Against Govt. of IndiaIn response to a comment about the Prophet Mohammed, a hacktivist group in Malaysia has unleashed a wave of cyber attacks in India.
Travel-related Cybercrime Takes Off as Industry ReboundsUpsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists.
In Cybersecurity, What You Can’t See Can Hurt YouThe dangers to SMBs and businesses of all sizes from cyberattacks are well known. But what’s driving these attacks, and what do cybersecurity stakeholders need to do that they’re not already doing?
Microsoft Patch Tuesday, June 2022 EditionMicrosoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that's seen active exploitation for at least two months now. On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year.
Ransomware Group Debuts Searchable Victim DataCybercrime groups that specialize in stealing corporate data and demanding a ransom not to publish it have tried countless approaches to shaming their victims into paying. The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web. Today, however, the group began publishing individual victim websites on the public Internet, with the leaked data made available in an easily searchable form.
Paving the Way: Inspiring Women in Payments - A Q&A featuring Laura Godoy
Laura Godoy is all too familiar with the “glass ceiling” that exists for women in technology professions. Over the years she has seen many women abandon their careers and their dreams because of societal beliefs about the roles of women. In this edition of our blog, Laura discusses her passion for fighting for equality for women in technology professions and how women already have the tools to change their working conditions.