Cybersecurity News


Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
29 August 2022

Ransomware Attacks are on the Rise

Ransomware Attacks are on the Rise Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
26 August 2022

French hospital crippled by cyberattack – Week in security with Tony Anscombe

As another hospital falls victim to ransomware, Tony weighs in on the much-debated issue of banning ransomware payouts

The post French hospital crippled by cyberattack – Week in security with Tony Anscombe appeared first on WeLiveSecurity

26 August 2022

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Cybercriminals Are Selling Access to Chinese Surveillance Cameras Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
25 August 2022

What is doxing and how to protect yourself

Doxing can happen to anyone – here’s how you can reduce the odds that your personal information will be weaponized against you

The post What is doxing and how to protect yourself appeared first on WeLiveSecurity

25 August 2022

Twitter Whistleblower Complaint: The TL;DR Version

Twitter Whistleblower Complaint: The TL;DR Version Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
24 August 2022

How Twitter’s whistleblower could boost Elon Musk’s legal battle

How Twitter’s whistleblower could boost Elon Musk’s legal battle

Peiter Zatko, former security chief, brought allegations of widespread security threats and spam concerns against the company

New whistleblower allegations of widespread security threats and spam concerns at Twitter may give Elon Musk ammunition in his fight to back out of a deal to buy the company.

On Tuesday, an 84-page complaint written by Twitter’s former security chief turned whistleblower, Peiter Zatko, alleged that Twitter prioritizes user growth over reducing spam, did not have a plan in place for major security issues, and that half the company’s servers were running out-of-date and vulnerable software.

Continue reading...
24 August 2022

Firewall Bug Under Active Attack Triggers CISA Warning

Firewall Bug Under Active Attack Triggers CISA Warning CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
23 August 2022

Is your personal data all over the internet? 7 steps to cleaning up your online presence

You may not be able to disappear completely from the internet, but you can minimize your digital footprint with a few simple steps

The post Is your personal data all over the internet? 7 steps to cleaning up your online presence appeared first on WeLiveSecurity

23 August 2022

Paving the Way: Inspiring Women in Payments - A Q&A featuring Viviana Wesley

 

Although Viviana Wesley always knew that she wanted a career in computers and technology, when she first started pursuing it, she realized her strengths were not in coding. But, through the guidance of a friend, she was redirected into IT Support and a new world opened for her; a dynamic world where she could use her technical expertise to help people, which is what she truly wanted to do. In this edition of our blog, Viviana describes why soft skills are critically important in this industry and how women are particularly adept at bridging communication gaps between technology and business.

22 August 2022

Fake Reservation Links Prey on Weary Travelers

Fake Reservation Links Prey on Weary Travelers Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
22 August 2022

CEO of Israeli Pegasus spyware firm NSO to step down

CEO of Israeli Pegasus spyware firm NSO to step down

CEO Shalev Hulio is stepping down as part of NSO reorganisation that will see it focus on sales in Nato member countries

Israel’s NSO Group, which makes the globally controversial Pegasus spyware said on Sunday its CEO Shalev Hulio would step down as part of a reorganisation.

The indebted, privately owned company also said it would focus sales on countries belonging to the Nato alliance.

Continue reading...
21 August 2022

We can make our phones harder to hack but complete security is a pipe dream | John Naughton

We can make our phones harder to hack but complete security is a pipe dream | John Naughton Even the latest iPhone scare won’t persuade us to choose safety over convenience

Apple caused a stir a few weeks ago when it announced that the forthcoming update of its mobile and laptop operating systems would contain an optional high-security mode that would provide users with an unprecedented level of protection against powerful “spyware” software that surreptitiously obtains control of their devices.

It’s called Lockdown Mode and, according to Apple, “offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of the most sophisticated digital threats, such as those from NSO Group and other private companies developing state-sponsored mercenary spyware”.

Continue reading...
21 August 2022

Google and Apple both release patches against zero‑day vulnerabilities – Week in security with Tony Anscombe

Zero-day vulnerabilities are super active and Google and Apple are acting to patch these vulnerabilities, some of which seen on-the-wild.

The post Google and Apple both release patches against zero‑day vulnerabilities – Week in security with Tony Anscombe appeared first on WeLiveSecurity

19 August 2022

iPhone Users Urged to Update to Patch 2 Zero-Days

iPhone Users Urged to Update to Patch 2 Zero-Days Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
19 August 2022

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Scammers are using invoices sent through PayPal.com to trick recipients into calling a number to dispute a pending charge. The missives -- which come from Paypal.com and include a link at Paypal.com that displays an invoice for the supposed transaction -- state that the user's account is about to be charged hundreds of dollars. Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote control over their computer.
18 August 2022

Google Patches Chrome’s Fifth Zero-Day of the Year

Google Patches Chrome’s Fifth Zero-Day of the Year Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. The bug, tracked as CVE-2022-2856 and rated as high on the Common Vulnerability Scoring System (CVSS), is associated with “insufficient validation of untrusted input in Intents,” […]
18 August 2022

A step‑by‑step guide to enjoy LinkedIn safely

LinkedIn privacy settings are just as overwhelming as any other social media settings. There’s a lot of menus, a lot buttons to enable, select, accept or reject. To make sure you have control over your information we bring you a step-by-step guide on how to enjoy LinkedIn safely.

The post A step‑by‑step guide to enjoy LinkedIn safely appeared first on WeLiveSecurity

18 August 2022

APT Lazarus Targets Engineers with macOS Malware

APT Lazarus Targets Engineers with macOS Malware The North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both Apple and Intel-based systems.
17 August 2022

When Efforts to Contain a Data Breach Backfire

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation. The administrator responded to this empty threat by purchasing the stolen banking data and leaking it on the forum for everyone to download.
16 August 2022