Cybersecurity News


Adconion Execs Plead Guilty in Federal Anti-Spam Case

On the eve of their federal criminal trial for allegedly stealing vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct have agreed to plead guilty to lesser misdemeanor charges of fraud and misrepresentation via email.
10 June 2022

3 takeaways from RSA Conference 2022 – Week in security with Tony Anscombe

Here are three themes that stood out at the world's largest gathering of cybersecurity professionals

The post 3 takeaways from RSA Conference 2022 – Week in security with Tony Anscombe appeared first on WeLiveSecurity

10 June 2022

RSA – APIs, your organization’s dedicated backdoors

API-based data transfer is so rapid, there’s but little time to stop very bad things happening quickly

The post RSA – APIs, your organization’s dedicated backdoors appeared first on WeLiveSecurity

10 June 2022

U.S. Water Utilities Prime Cyberattack Target, Experts

U.S. Water Utilities Prime Cyberattack Target, Experts Environmentalists and policymakers warn water treatment plants are ripe for attack.
10 June 2022

Potent Emotet Variant Spreads Via Stolen Email Credentials

Potent Emotet Variant Spreads Via Stolen Email Credentials The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns.
10 June 2022

Why you can't trust Instagram

Weeks after I reported that my Instagram account had been hacked, Instagram remained silent. My account is now long gone.
09 June 2022

Feds Forced Travel Firms to Share Surveillance Data on Hacker

Feds Forced Travel Firms to Share Surveillance Data on Hacker Sabre and Travelport had to report the weekly activities of former “Cardplanet” cybercriminal Aleksei Burkov for two years, info that eventually led to his arrest and prosecution.
09 June 2022

RSA – Creepy real‑world edition

Digital fiddling somehow got mixed up in a real war

The post RSA – Creepy real‑world edition appeared first on WeLiveSecurity

09 June 2022

This new Linux malware is 'almost impossible' to detect

Symbiote is parasitic malware that provides rootkit-level functionality.
09 June 2022

RSA – Digital healthcare meets security, but does it really want to?

Technology is understandably viewed as a nuisance to be managed in pursuit of the health organizations’ primary mission

The post RSA – Digital healthcare meets security, but does it really want to? appeared first on WeLiveSecurity

08 June 2022

Taming the Digital Asset Tsunami

Taming the Digital Asset Tsunami Rob Gurzeev, CEO and Co-Founder of CyCognito, explores external attack surface soft spots tied to an ever-expanding number of digital assets companies too often struggle to keep track of and manage effectively.
08 June 2022

Paying Ransomware Paints Bigger Bullseye on Target’s Back

Paying Ransomware Paints Bigger Bullseye on Target’s Back Ransomware attackers often strike targets twice, regardless of whether the ransom was paid.
08 June 2022

Black Basta Ransomware Teams Up with Malware Stalwart Qbot

Black Basta Ransomware Teams Up with Malware Stalwart Qbot The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found.
08 June 2022

RSA – Spot the real fake

How erring on the side of privacy might ultimately save you from chasing down a virtual rendition of you doing the bidding of a scammer

The post RSA – Spot the real fake appeared first on WeLiveSecurity

07 June 2022

Apple's Safety Check combats domestic abuse but timing its use is critical

The feature is useful but has its limitations in fighting domestic and intimate partner violence.
07 June 2022

KrebsOnSecurity in New Netflix Series on Cybercrime

Netflix has a new documentary series airing next week -- "Web of Make Believe: Death, Lies & the Internet" -- in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of "swatting" -- wherein fake bomb threats or hostage situations are phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target’s address.
07 June 2022

Cyber Risk Retainers: Not Another Insurance Policy

Cyber Risk Retainers: Not Another Insurance Policy The costs associated with a cyberattack can be significant, especially if a company does not have an Incident Response plan that addresses risk.
07 June 2022

Conducting Modern Insider Risk Investigations

Conducting Modern Insider Risk Investigations Insider Risk Management requires a different approach than to those from external threats. IRM is unique from other domains of security in that the data sources which serve as inputs are as often people as they are tools. Shifting the analyst‘s mindset when handling risks presented by insiders requires us to move through the stages of inquiry, investigation, and determining outcomes.
07 June 2022

Follina Exploited by State-Sponsored Hackers

Follina Exploited by State-Sponsored Hackers A government-aligned attacker tried using a Microsoft vulnerability to attack U.S. and E.U. government targets.
07 June 2022

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario.
07 June 2022