Cybersecurity News
Staff Think Conti Group Is a Legit Employer – Podcast
The ransomware group’s benefits – bonuses, employee of the month, performance reviews & top-notch training – might be better than yours, says BreachQuest’s Marco Figueroa.
Request for Comments: Web Software Module for the PCI Secure Software Standard
From 14 March to 12 April 2022, eligible stakeholders are invited to review and provide feedback on the Web Software Module for the PCI Secure Software Standard during a 30-day request for comments (RFC) period.
Cybercrooks’ Political In-Fighting Threatens the West
They’re choosing sides in the Russia-Ukraine war, beckoning previously shunned ransomware groups and thereby reinvigorating those groups' once-diminished power.
Automotive giant Denso confirms hack, Pandora ransomware group takes credit
Denso supplies Toyota, General Motors, and Honda, to name but a few.Ukraine reportedly adopts Clearview AI to track Russian invaders
The facial recognition technology has not been made available to Russia.Ubisoft reveals 'security incident' forcing company-wide password refresh
The gaming giant remains tight-lipped on the particulars of the assumed hack.A first look at threat intelligence and threat hunting tools
An overview of some of the most popular open-source tools for threat intelligence and threat hunting
The post A first look at threat intelligence and threat hunting tools appeared first on WeLiveSecurity
Russia Issues Its Own TLS Certs
The country’s citizens are being blocked from the internet because foreign certificate authorities can't accept payments due to Ukraine-related sanctions, so it created its own CA.
Week in security with Tony Anscombe
Gray zone conflicts in cyberspace – Can you identify fake news? – Top cybersecurity threats for the healthcare sector
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Report: Recent 10x Increase in Cyberattacks on Ukraine
As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield
Ukraine has been under cyber-fire for years now – here’s what you should know about various disruptive cyberattacks that have hit the country since 2014
The post ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield appeared first on WeLiveSecurity
Raccoon Stealer Crawls Into Telegram
The credential-stealing trash panda is using the chat app to store and update C2 addresses as crooks find creative new ways to distribute the malware.
Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers
Be careful when downloading a tool to cyber-target Russia: It could be an infostealer wolf dressed in sheep's clothing that grabs your cryptocurrency info instead.
True or false? How to spot – and stop – fake news
How can you tell fact from fiction and avoid falling for and spreading falsehoods about the war in Ukraine?
The post True or false? How to spot – and stop – fake news appeared first on WeLiveSecurity
Most Orgs Would Take Security Bugs Over Ethical Hacking Help
A new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old "security by obscurity" ways.
Russia May Use Ransomware Payouts to Avoid Sanctions
FinCEN warns financial institutions to beware of unusual cryptocurrency payments or illegal transactions Russia may use to evade restrictions imposed due to its invasion of Ukraine.
Multi-Ransomwared Victims Have It Coming–Podcast
Let's blame the victim. IT decision makers' confidence about security doesn't jibe with their concession that repeated incidents are their own fault, says ExtraHop's Jamie Moles.
Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads
The ever-shifting, ever-more-powerful malware is now hijacking email threads to download malicious DLLs that inject password-stealing code into webpages, among other foul things.
APT41 Spies Broke Into 6 US State Networks via a Livestock App
The China-affiliated state-sponsored threat actor used Log4j and zero-day bugs in the USAHerds animal-tracking software to hack into multiple government networks.