Cybersecurity News
The dirty dozen of Latin America: From Amavaldo to Zumanek
The grand finale of our series dedicated to demystifying Latin American banking trojans
The post The dirty dozen of Latin America: From Amavaldo to Zumanek appeared first on WeLiveSecurity
In 2022, Expect More Supply Chain Pain and Changing Security Roles

Apple iOS Update Fixes Cringey iPhone 13 Jailbreak Exploit

Microsoft Patch Tuesday, December 2021 Edition
Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that that is already being actively exploited. But this month's Patch Tuesday is being overshadowed by the "Log4Shell" 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw.Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

400 Banks’ Customers Targeted with Anubis Trojan

Paving the way: Inspiring Women in Payments - featuring Amanda Andrews
As a young attorney just starting out, Amanda Andrews’ career path would lead her in a direction she never imagined. In this month’s blog series, Andrews’ describes how her experience with Visa Inc. led her into a cybersecurity career with The Walt Disney Company and why you should never take “no” for an answer.
What the Log4Shell Bug Means for SMBs: Experts Weigh In

How to Buy Precious Patching Time as Log4j Exploits Fly

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

5 warning signs your identity has been stolen
By spotting these early warning signs of identity theft, you can minimize the impact on you and your family
The post 5 warning signs your identity has been stolen appeared first on WeLiveSecurity
Inside Ireland’s Public Healthcare Ransomware Scare
The accounting firm PricewatersCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland's public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware. It also found affected hospitals had tens of thousand of outdated Windows 7 systems, and that the health system's IT administrators failed to respond to multiple warning signs that a massive attack was imminent.Kronos Ransomware Outage Drives Widespread Payroll Chaos

Log4Shell vulnerability: What we know so far
The critical flaw in the ubiquitous Log4j utility has sent shockwaves far beyond the security industry – here’s what we know so far
The post Log4Shell vulnerability: What we know so far appeared first on WeLiveSecurity
Q&A with Ralph Spencer Poore
After more than 10 years working at PCI Security Standards Council (PCI SSC), Ralph Poore, Director, Emerging Standards, retires at the end of the year. In this blog, we interview Ralph about his career in cryptography, security and the payments industry, the most rewarding aspects of his career, and how he plans to stay involved with the PCI SSC as well as his retirement plans.
Where the Latest Log4Shell Attacks Are Coming From

Malicious PyPI Code Packages Rack Up Thousands of Downloads

Log4Shell Is Spawning Even Nastier Mutations

The new PPI? Claims firms turn their fire on data breaches

People are being told they are entitled to compensation as more companies move into the industry
Claims companies and law firms looking for the next bonanza in payouts are targeting people who have been the victim of a data breach, with some telling those affected they could be entitled to thousands of pounds in compensation.
A Google search for the term “data breach claim” results in a long list of firms – the vast majority of them no-win, no-fee solicitors – and there are more moving into this space all the time. Meanwhile, adverts for firms are increasingly appearing in Instagram feeds.
Continue reading...Next-Gen Maldocs & How to Solve the Human Vulnerability
