Cybersecurity News
The Art of Non-boring Cybersec Training–Podcast
With human error being the common factor in most cyberattacks, employee training has got to get better. To that end, Trustwave cybersec training expert Darren Van Booven explains the importance of fish stress balls and management buy-in.
Darktrace acquires attack surface analytics firm Cybersprint
Darktrace says the deal will bolster the firm's artificial intelligence (AI) capabilities.HermeticWiper: New data‑wiping malware hits Ukraine
Hundreds of computers in Ukraine compromised just hours after a wave of DDoS attacks brings down a number of Ukrainian websites
The post HermeticWiper: New data‑wiping malware hits Ukraine appeared first on WeLiveSecurity
Samsung Shattered Encryption on 100M Phones
One cryptography expert said that 'serious flaws' in the way Samsung phones encrypt sensitive material, as revealed by academics, are 'embarrassingly bad.'
Sextortion Rears Its Ugly Head Again
Attackers are sending email blasts with malware links in embedded PDFs as a way to evade email filters, lying about having fictional "video evidence."
Coffee with the Council Podcast: What’s New in 2022 Featuring Lance Johnson
Alicia Malone: Welcome to the first episode of our new podcast series, “Coffee with The Council”. I'm Alicia Malone, senior manager of public relations for the PCI Security Standards Council. Today, we'll be talking about what you can expect in the year ahead for PCI SSC with Lance Johnson, our executive director. Welcome, Lance.
Creaky Old WannaCry, GandCrab Top the Ransomware Scene
Nothing like zombie campaigns: WannaCry's old as dirt, and GandCrab threw in the towel years ago. They're on auto-pilot at this point, researchers say.
Technology, Progress, and Climate
The climate solutions we need to transform every sector are here. The question is: what role will you play in this transformation? You, your community, your business, your government?
The post Technology, Progress, and Climate appeared first on WeLiveSecurity
Malware authors target rivals with malicious npm packages
Trojan packages reveal what could be internal rivalry between cybercriminals.These new hacking groups are striking industrial, operational tech targets
Two of the new groups are sophisticated enough to reach ICS/OT networks directly.Hackers tried to shatter the spine of global supply chains in 2021
IBM researchers say supply chains were the focus of criminals last year and manufacturers bore the brunt of attacks.Gaming, Banking Trojans Dominate Mobile Malware Scene
The overall number of attacks on mobile users is down, but they're getting slicker, both in terms of malware functionality and vectors, researchers say.
Cyberattackers Cook Up Employee Personal Data Heist for Meyer
The Conti gang breached the cookware giant's network, prepping thousands of employees’ personal data for consumption by cybercrooks.
Police use of Pegasus malware not illegal, Israeli inquiry finds
Police have been accused of spying on at least 26 individuals who are not criminal suspects
An inquiry into allegations that Israel’s police force systematically hacked into the mobile phones of Israeli citizens has found that while the police did use NSO Group’s controversial Pegasus malware, there is no evidence suggesting illegality.
In a series of explosive reports over the last two months, the local financial daily newspaper Calcalist accused the police of spying on at least 26 individuals who were not criminal suspects. Those named included politicians, protesters, and members of the former prime minister Benjamin Netanyahu’s inner circle – claims Netanyahu used to delay proceedings in his corruption trial.
Continue reading...Xenomorph Malware Burrows into Google Play Users, No Facehugger Required
Researchers discovered a new, modular banking trojan with ties to Cerberus and Alien that has the capability to become a much larger threat than it is now.
IRS: Selfies Now Optional, Biometric Data to Be Deleted
The U.S. Internal Revenue Service (IRS) said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interview with ID.me, the privately-held Virginia company that runs the agency's identity proofing system. The IRS also said any biometric data already shared with ID.me would be permanently deleted over the next few weeks, and any biometric data provided for new signups will be destroyed after an account is created.Report: Missouri Governor’s Office Responsible for Teacher Data Leak
Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they… Read More »Teenage cybercrime: How to stop kids from taking the wrong path
It’s never too late to prevent children from being dragged to the dark side and to ensure their skills are a force for good
The post Teenage cybercrime: How to stop kids from taking the wrong path appeared first on WeLiveSecurity
Almost 100,000 new mobile banking Trojan strains detected in 2021
Mobile malware used to be relatively rare. Now, the focus has pivoted from PCs to our handsets.NFT Investors Lose $1.7M in OpenSea Phishing Attack
Attackers took advantage of a smart-contract migration to swindle 17 users.