Cybersecurity News
Hacked Ring Cams Used to Record Swatting Victims
Two U.S. men have been charged with hacking into the Ring home security cameras of a dozen random people and then "swatting" them -- falsely reporting a violent incident at the target's address to trick local police into responding with force. Prosecutors say the duo used the compromised Ring devices to stream live video footage on social media of police raiding their targets' homes, and to taunt authorities when they arrived.How to set up parental controls on your child’s new smartphone
Give yourself peace of mind and help create a safe online space for your child using Android or iOS parental controls
The post How to set up parental controls on your child’s new smartphone appeared first on WeLiveSecurity
MirrorFace aims for high‑value targets in Japan – Week in security with Tony Anscombe
The group's proprietary backdoor LODEINFO delivers additional malware, exfiltrates credentials, and steals documents and emails
The post MirrorFace aims for high‑value targets in Japan – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Clare O’Neil on national security amid cyber hacks and threats to democracy

In the final episode of Australian Politics for 2022, political editor Katharine Murphy speaks to the minister for home affairs and cyber security Clare O’Neil about the strategic challenges for Australia and the region. These include the increased likelihood of cyber-attacks, decreasing trust in democracy and growing risks of foreign interference
Read more:
Home affairs and the long view – Clare O’Neil’s speech at the National Press Club
Help! My kid has asked Santa for a smartphone
The time has come for your child to receive their first smartphone. Before handing it over, however, make sure to help them use their new gadget safely and responsibly.
The post Help! My kid has asked Santa for a smartphone appeared first on WeLiveSecurity
Windows: Still insecure after all these years
OPINION: With every Windows release, Microsoft promises better security. And, sometimes, it makes improvements. But then, well then, we see truly ancient security holes show up yet again.Traveling for the holidays? Stay cyber‑safe with these tips
Holiday travel is back with a vengeance this year. Set yourself up for a cyber-safe and hassle-free trip with our checklist.
The post Traveling for the holidays? Stay cyber‑safe with these tips appeared first on WeLiveSecurity
Six Charged in Mass Takedown of DDoS-for-Hire Sites
The U.S. Department of Justice (DOJ) today seized four-dozen domains that sold “booter” or “stresser” services — businesses that make it easy and cheap for even non-technical users to launch powerful Distributed Denial of Service (DDoS) attacks designed knock targets offline. The DOJ also charged six U.S. men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services.Coffee with the Council Podcast: What is Mobile Payments on COTS? Understanding PCI SSC’s New Standard for Mobile Solutions
Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, senior manager of public relations for the PCI Security Standards Council. Last month, the Council published a new standard, the highly anticipated Mobile Payments on COTS Standard or MPoC. Today, we'll learn more about what the standard is all about and who it will impact. Here to talk more about MPoC is our Vice President of Solutions Standards, Andrew Jamieson. Thank you for joining me today, Andrew.
Microsoft Patch Tuesday, December 2022 Edition
Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week's Patch Tuesday.Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities
ESET researchers discovered a spearphishing campaign targeting Japanese political entities a few weeks before the House of Councillors elections, and in the process uncovered a previously undescribed MirrorFace credential stealer
The post Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities appeared first on WeLiveSecurity
TPG reveals emails of 15,000 iiNet and Westnet customers exposed in hack

Telecommunications company says hacker searched for customers’ cryptocurrency and financial information
- Follow our Australia news live blog for the latest updates
- Get our morning and afternoon news emails, free app or daily news podcast
Telecommunications giant TPG has revealed an email-hosting service used by up to 15,000 iiNet and Westnet customers has been breached, with the hacker looking for cryptocurrency and other financial information.
TPG said in a release to the Australian Securities Exchange (ASX) on Wednesday that cybersecurity firm Mandiant had found evidence of unauthorised access to a Hosted Exchange service used by iiNet and Westnet customers.
Continue reading...FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked
InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online -- using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.PCI DSS v4.0: Roles and Responsibilities for the Customized Approach
This blog is the third in a series of articles on the customized approach. The first article in this series provided a high-level overview of the customized approach and explored the difference between compensating controls and the customized approach. The second article focused on considerations for entities thinking about implementing a customized approach and provided details about the customized approach resources included in PCI DSS and the PCI DSS Report on Compliance Template. This article focuses on roles and responsibilities for the customized approach, both for the entity developing and implementing a customized approach and for the assessor when reviewing a customized approach as part of a PCI DSS assessment.
Top tips for security‑ and privacy‑enhancing holiday gifts
Think outside the (gift) box. Here are a few ideas for security and privacy gifts to get for your relatives – or even for yourself. Some don’t cost a penny!
The post Top tips for security‑ and privacy‑enhancing holiday gifts appeared first on WeLiveSecurity
Paving the Way: Inspiring Women in Payments - A Q&A featuring Jane Goodayle
Jane Goodayle believes that unconscious bias exists in every industry. Sometimes, even just the perception of the industry as “male dominated” can discourage women from participating. In this edition of our blog, Jane explains that women can push back against unconscious bias by continuing to bring our “A” game, expose unfair stereotyping, and challenge the ‘expected and accepted’ to prompt change. She believes that encouraging more woman into the industry will change its perception and inspire younger generations to choose a career in technology.
Cybersecurity Trends 2023: Securing our hybrid lives
ESET experts offer their reflections on what the continued blurring of boundaries between different spheres of life means for our human and social experience – and especially our cybersecurity and privacy
The post Cybersecurity Trends 2023: Securing our hybrid lives appeared first on WeLiveSecurity
Telstra sorry for publishing up to 130,000 customers’ details online

Release of names, numbers and addresses of some unlisted customers was not due to cyber-attack
- Follow our Australia news live blog for the latest updates
- Get our morning and afternoon news emails, free app or daily news podcast
Telstra has apologised after publishing the details of thousands of customers online.
The company said the release of the names, numbers and addresses of some unlisted customers was not the result of any malicious cyber-attack and was a mistake. Reports say up to 130,000 customers have been affected.
Continue reading...Diamond industry under attack – Week in security with Tony Anscombe
ESET researchers uncover a new wiper and its execution tool, both attributed to the Iran-aligned Agrius APT group
The post Diamond industry under attack – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Xenomorph: What to know about this Android banking trojan
Xenomorph pilfers victims' login credentials for banking, payment, social media, cryptocurrency and other apps with valuable data
The post Xenomorph: What to know about this Android banking trojan appeared first on WeLiveSecurity