Cybersecurity News
Where Bug Bounty Programs Fall Flat
Some criminals package exploits into bundles to sell on cybercriminal forums years after they were zero days, while others say bounties aren't enough .
The Future of PCI SSC Mobile Standards
The Council is currently working on the next evolution of its mobile security standards. To date, PCI SSC has two mobile standards: PCI Software-based PIN Entry on COTS (SPoC) Standard, which provides a software-based approach for protecting PIN entry on the wide variety of COTS devices, and PCI Contactless Payments on COTS (CPoC) Standard which addresses security for solutions that enable merchants to accept contactless payments using a smartphone or other commercial off-the-shelf (COTS) mobile device with near-field communication (NFC).
Return to Basics: Email Security in the Post-COVID Workplace
As we reimagine the post-pandemic workplace, we must also reevaluate post-pandemic email security practices.Name That Edge Toon: In Tow
Feeling creative? Submit your caption in the comments, and our panel of experts will reward the winner with a $25 Amazon gift card.
CISO Confidence Is Rising, but Issues Remain
New research reveals how global CISOs dealt with COVID-19 and their plans for 2022-2023.How Mobile Ad Fraud has Evolved in the Year of the Pandemic
Mobile ad fraud has always been a challenge for network operators in all parts of the globe, but the pandemic has made users more vulnerable than ever before due to the sheer amount of time they now spend with their devices.
Cybersecurity Group Hopes to Push 30 More National Priorities
The Cyberspace Solarium Commission worked with legislators and the Trump administration to get 27 recommendations implemented in policy last year. It's aiming for 30 more in 2021.Cyberattack Forces Meat Producer to Shut Down Operations in U.S., Australia
Global food distributor JBS Foods suffered an unspecified incident over the weekend that disrupted several servers supporting IT systems and could affect the supply chain for some time.
GPs urged to refuse to hand over patient details to NHS Digital
Senior doctors call on colleagues not to share personal data, in effort to buy time to raise awareness of plans
Senior GPs have called on colleagues to refuse to hand over patients’ personal data to NHS Digital, in a move they hope will buy time to raise awareness of plans to place all medical records in England on a central database.
All 36 doctors’ surgeries in Tower Hamlets, east London, have already agreed to withhold the data when collection begins on 1 July, the Guardian understands. An email has been circulated to about 100 practices across north-east London calling on them to also consider whether the data collection is legitimate, with the hope that it will spread to many more. The email makes clear the refusal to share the data is technically a breach of the Health and Social Care Act 2012.
Related: The Guardian view on medical records: NHS data grab needs explaining | Editorial
Continue reading...Asian cybercrime takedown leads to intercept of $83 million in financial theft
Police intercepted funds that were on their way to the accounts of financial fraudsters.SEC charges US promoters for marketing alleged BitConnect cryptocurrency Ponzi scheme
Promoters of a suspected, high-profile exit scam are now in the hot seat.5 common scams targeting teens – and how to stay safe
From knock-off designer products to too-good-to-be-true job offers, here are five common schemes fraudsters use to trick teenagers out of their money and sensitive data
The post 5 common scams targeting teens – and how to stay safe appeared first on WeLiveSecurity
Scamming You Through Social Media
You may be aware that cyber attacks will try to trick you over the phone or through email using phishing attacks, but do you realize they may try to attack you also over social media channels, such as Snapchat, Twitter, Facebook, or LinkedIn? Just like in email, if you get any social media messages that are highly urgent or too good to be true, it may be an attack.3 SASE Misconceptions to Consider
SASE is all the rage, promising things IT leaders have long dreamed about, but a purist approach may create consequences.On the Taxonomy and Evolution of Ransomware
Not all ransomware is the same! Oliver Tavakoli, CTO at Vectra AI, discusses the different species of this growing scourge.
Don’t feed the trolls and other tips for avoiding online drama
You may not be able to escape internet trolls, but you have a choice about how you will deal with them – here’s how you can handle trolls without losing your cool
The post Don’t feed the trolls and other tips for avoiding online drama appeared first on WeLiveSecurity
Careers in Cybersecurity
Have you considered a career in cybersecurity? It is a fast-paced, highly dynamic field with a huge number of specialties to choose from, including forensics, endpoint security, critical infrastructure, incident response, secure coding, and awareness and training. In addition, a career in cybersecurity allows you to work almost anywhere in the world, with amazing benefits and an opportunity to make a real difference. However, the most exciting thing is you do NOT need a technical background, anyone can get started.Using Fake Reviews to Find Dangerous Extensions
Fake, positive reviews have infiltrated nearly every corner of life online these days, confusing consumers while offering an unwelcome advantage to fraudsters and sub-par products everywhere. Happily, identifying and tracking these fake reviewer accounts is often the easiest way to spot scams. Here's the story of how bogus reviews on a counterfeit Microsoft Authenticator browser extension exposed dozens of other extensions that siphoned personal and financial data.Chinese APT Groups Continue to Pound Away on Pulse Secure VPNs
Security vendor says it has observed threat groups using a set of 16 tools specifically designed to attack Pulse Secure devices since April 2020.Hackers Exploit Post-COVID Return to Offices
Spoofed CIO ‘pandemic guideline’ emails being used to steal credentials.