Cybersecurity News


Hacked Ring Cams Used to Record Swatting Victims

Two U.S. men have been charged with hacking into the Ring home security cameras of a dozen random people and then "swatting" them -- falsely reporting a violent incident at the target's address to trick local police into responding with force. Prosecutors say the duo used the compromised Ring devices to stream live video footage on social media of police raiding their targets' homes, and to taunt authorities when they arrived.
19 December 2022

How to set up parental controls on your child’s new smartphone

Give yourself peace of mind and help create a safe online space for your child using Android or iOS parental controls

The post How to set up parental controls on your child’s new smartphone appeared first on WeLiveSecurity

19 December 2022

MirrorFace aims for high‑value targets in Japan – Week in security with Tony Anscombe

The group's proprietary backdoor LODEINFO delivers additional malware, exfiltrates credentials, and steals documents and emails

The post MirrorFace aims for high‑value targets in Japan – Week in security with Tony Anscombe appeared first on WeLiveSecurity

16 December 2022

Clare O’Neil on national security amid cyber hacks and threats to democracy

Clare O’Neil on national security amid cyber hacks and threats to democracy

In the final episode of Australian Politics for 2022, political editor Katharine Murphy speaks to the minister for home affairs and cyber security Clare O’Neil about the strategic challenges for Australia and the region. These include the increased likelihood of cyber-attacks, decreasing trust in democracy and growing risks of foreign interference

Read more:
Home affairs and the long view – Clare O’Neil’s speech at the National Press Club

Continue reading...
16 December 2022

Help! My kid has asked Santa for a smartphone

The time has come for your child to receive their first smartphone. Before handing it over, however, make sure to help them use their new gadget safely and responsibly.

The post Help! My kid has asked Santa for a smartphone appeared first on WeLiveSecurity

16 December 2022

Windows: Still insecure after all these years

OPINION: With every Windows release, Microsoft promises better security. And, sometimes, it makes improvements. But then, well then, we see truly ancient security holes show up yet again.
15 December 2022

Traveling for the holidays? Stay cyber‑safe with these tips

Holiday travel is back with a vengeance this year. Set yourself up for a cyber-safe and hassle-free trip with our checklist.

The post Traveling for the holidays? Stay cyber‑safe with these tips appeared first on WeLiveSecurity

15 December 2022

Six Charged in Mass Takedown of DDoS-for-Hire Sites

The U.S. Department of Justice (DOJ) today seized four-dozen domains that sold “booter” or “stresser” services — businesses that make it easy and cheap for even non-technical users to launch powerful Distributed Denial of Service (DDoS) attacks designed knock targets offline. The DOJ also charged six U.S. men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services.
14 December 2022

Coffee with the Council Podcast: What is Mobile Payments on COTS? Understanding PCI SSC’s New Standard for Mobile Solutions

 

Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, senior manager of public relations for the PCI Security Standards Council. Last month, the Council published a new standard, the highly anticipated Mobile Payments on COTS Standard or MPoC. Today, we'll learn more about what the standard is all about and who it will impact. Here to talk more about MPoC is our Vice President of Solutions Standards, Andrew Jamieson. Thank you for joining me today, Andrew.

14 December 2022

Microsoft Patch Tuesday, December 2022 Edition

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day vulnerability in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week's Patch Tuesday.
14 December 2022

Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities

ESET researchers discovered a spearphishing campaign targeting Japanese political entities a few weeks before the House of Councillors elections, and in the process uncovered a previously undescribed MirrorFace credential stealer

The post Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities appeared first on WeLiveSecurity

14 December 2022

TPG reveals emails of 15,000 iiNet and Westnet customers exposed in hack

TPG reveals emails of 15,000 iiNet and Westnet customers exposed in hack

Telecommunications company says hacker searched for customers’ cryptocurrency and financial information

Telecommunications giant TPG has revealed an email-hosting service used by up to 15,000 iiNet and Westnet customers has been breached, with the hacker looking for cryptocurrency and other financial information.

TPG said in a release to the Australian Securities Exchange (ASX) on Wednesday that cybersecurity firm Mandiant had found evidence of unauthorised access to a Hosted Exchange service used by iiNet and Westnet customers.

Continue reading...
13 December 2022

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online -- using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself.
13 December 2022

PCI DSS v4.0: Roles and Responsibilities for the Customized Approach

 

This blog is the third in a series of articles on the customized approach. The first article in this series provided a high-level overview of the customized approach and explored the difference between compensating controls and the customized approach. The second article focused on considerations for entities thinking about implementing a customized approach and provided details about the customized approach resources included in PCI DSS and the PCI DSS Report on Compliance Template. This article focuses on roles and responsibilities for the customized approach, both for the entity developing and implementing a customized approach and for the assessor when reviewing a customized approach as part of a PCI DSS assessment. 

13 December 2022

Top tips for security‑ and privacy‑enhancing holiday gifts

Think outside the (gift) box. Here are a few ideas for security and privacy gifts to get for your relatives – or even for yourself. Some don’t cost a penny!

The post Top tips for security‑ and privacy‑enhancing holiday gifts appeared first on WeLiveSecurity

13 December 2022

Paving the Way: Inspiring Women in Payments - A Q&A featuring Jane Goodayle

 

Jane Goodayle believes that unconscious bias exists in every industry. Sometimes, even just the perception of the industry as “male dominated” can discourage women from participating. In this edition of our blog, Jane explains that women can push back against unconscious bias by continuing to bring our “A” game, expose unfair stereotyping, and challenge the ‘expected and accepted’ to prompt change. She believes that encouraging more woman into the industry will change its perception and inspire younger generations to choose a career in technology.

12 December 2022

Cybersecurity Trends 2023: Securing our hybrid lives

ESET experts offer their reflections on what the continued blurring of boundaries between different spheres of life means for our human and social experience – and especially our cybersecurity and privacy

The post Cybersecurity Trends 2023: Securing our hybrid lives appeared first on WeLiveSecurity

12 December 2022

Telstra sorry for publishing up to 130,000 customers’ details online

Telstra sorry for publishing up to 130,000 customers’ details online

Release of names, numbers and addresses of some unlisted customers was not due to cyber-attack

Telstra has apologised after publishing the details of thousands of customers online.

The company said the release of the names, numbers and addresses of some unlisted customers was not the result of any malicious cyber-attack and was a mistake. Reports say up to 130,000 customers have been affected.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...
10 December 2022

Diamond industry under attack – Week in security with Tony Anscombe

ESET researchers uncover a new wiper and its execution tool, both attributed to the Iran-aligned Agrius APT group

The post Diamond industry under attack – Week in security with Tony Anscombe appeared first on WeLiveSecurity

09 December 2022

Xenomorph: What to know about this Android banking trojan

Xenomorph pilfers victims' login credentials for banking, payment, social media, cryptocurrency and other apps with valuable data

The post Xenomorph: What to know about this Android banking trojan appeared first on WeLiveSecurity

09 December 2022