Cybersecurity News
MyRepublic Data Breach Raises Data-Protection Questions
The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say.
Top Steps for Ransomware Recovery and Preparation
Alex Restrepo, Virtual Data Center Solutions at Veritas Technologies, discusses post-attack restoration options, and how to prepare for another one in the future.
KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”
On Thursday evening, KrebsOnSecurity was the subject of a rather massive (and mercifully brief) distributed denial-of-service (DDoS) attack. The assault came from "Meris," the same new "Internet of Things" (IoT) botnet behind record-shattering attacks against Russian search giant Yandex this week and internet infrastructure firm Cloudflare earlier this summer.Week in security with Tony Anscombe
Cyberespionnage against Kurdish ethnic group, and more! – Week in security with Tony Anscombe
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Victims duped out of US$1.8 million by BEC and Romance scam ring
Elderly men and women were the main targets of the romance scams operated by the fraudsters.
The post Victims duped out of US$1.8 million by BEC and Romance scam ring appeared first on WeLiveSecurity
Yandex Pummeled by Potent Meris DDoS Botnet
Record-breaking distributed denial of service attack targets Russia’s version of Google - Yandex.
SOVA, Worryingly Sophisticated Android Trojan, Takes Flight
The malware appeared in August with an ambitious roadmap (think ransomware, DDoS) that could make it 'the most feature-rich Android malware on the market.'
5 Steps For Securing Your Remote Work Space
With so many people still working from home, cybercriminals are trying to cash in. Cyberattacks have increased 300% and the risk of losing important data or being compromised is much greater at home.
Here are five recommendations for securing your home office.
Google debuts new Private Compute features in ramp up of Android security
Google will also make the source code public for external audits.Stolen Credentials Led to Data Theft at United Nations
Threat actors accessed the organization’s proprietary project management software, Umoja, in April, accessing the network and stealing info that can be used in further attacks.
US military reservist lands himself prison sentence for operating romance scams
Older women and men were among his targets.Nuisance calls could lead to multimillion-pound fines in UK
Ministers considering bringing punishment in line with GDPR, which can issue fine of up to £17.5m
Multimillion-pound fines could be imposed for nuisance or fraudulent calls and texts under a proposed overhaul of the UK’s data rules.
Companies behind nuisance communications can be fined £500,000 by the Information Commissioner’s Office (ICO) but ministers are considering bringing the punishment in line with General Data Protection Regulation (GDPR), which can issue a fine of up to £17.5m or 4% of global turnover.
Continue reading...Ukrainian man extradited to the US to face botnet, data theft charges
The suspect has been detained ahead of his trial.Thousands of Fortinet VPN Account Credentials Leaked
They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit.
McDonald’s Email Blast Includes Password to Monopoly Game Database
Usernames, passwords for database sent in prize redemption emails.
Howard University suffers cyberattack, suspends online classes in aftermath
The university suffered a ransomware attack, however there is no evidence so far of data being accessed or stolen.
The post Howard University suffers cyberattack, suspends online classes in aftermath appeared first on WeLiveSecurity
Financial Cybercrime: Why Cryptocurrency is the Perfect ‘Getaway Car’
John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency.
‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise
A chain of exploits could allow a malicious Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering.
SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’
Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers.
Zoho Password Manager Zero-Day Bug Under Active Attack Gets a Fix
An authentication bypass vulnerability leading to remote code execution offers up the keys to the corporate kingdom.