Cybersecurity News
ESET Research Podcast: Ransomware trashed data, Android threats soared in T3 2022
And that’s just the tip of the iceberg when it comes to the trends that defined the cyberthreat landscape in the final four months of 2022.
The post ESET Research Podcast: Ransomware trashed data, Android threats soared in T3 2022 appeared first on WeLiveSecurity
Labor plan to beef up government’s cyber powers faces Senate block
A paper expanding on greater ability to intervene during hacks – especially on private companies – causes alarm among Coalition and Greens
- Follow our Australia news live blog for the latest updates
- Get our morning and afternoon news emails, free app or daily news podcast
Labor could face Senate difficulties if it tries to dramatically expand the government’s powers to directly intervene in companies’ IT systems during cyber-attacks.
Under existing laws – which were controversial when introduced by the former Coalition government – the Australian Signals Directorate has the ability to “step in” as a “last resort” in some emergency situations, but only for critical infrastructure assets.
Continue reading...When Low-Tech Hacks Cause High-Impact Breaches
Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. Media coverage understandably focused on GoDaddy's admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But it's worth revisiting how this group typically got in to targeted companies: By calling employees and tricking them into navigating to a phishing website.Who’s Behind the Botnet-Based Service BHProxies?
A security firm has discovered that a five-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through compromised computers. Here’s a closer look at Mylobot, and a deep dive into who may be responsible for operating the BHProxies service.Rishi Sunak faces calls to ban TikTok use by government officials
PM under pressure to follow EU and US in taking step over fears Chinese-owned app poses cybersecurity risk
Rishi Sunak has been urged to ban government officials from using TikTok in line with moves by the EU and US, amid growing cybersecurity fears over China.
Officials in Europe and the US have been told to limit the use of the Chinese-owned social video app over concerns that data can be accessed by Beijing.
Continue reading...One year on, how is the war playing out in cyberspace? – Week in security with Tony Anscombe
With the conflict in Ukraine passing the one-year mark, have its cyber-war elements turned out as expected?
The post One year on, how is the war playing out in cyberspace? – Week in security with Tony Anscombe appeared first on WeLiveSecurity
A year of wiper attacks in Ukraine
ESET Research has compiled a timeline of cyberattacks that used wiper malware and have occurred since Russia’s invasion of Ukraine in 2022
The post A year of wiper attacks in Ukraine appeared first on WeLiveSecurity
European Commission bans staff from using TikTok on work devices
Employees given until 15 March to comply amid concerns over app’s Chinese ownership
The EU’s executive body has banned its thousands of staff from using TikTok, as governments and officials become increasingly concerned over the company’s data practices and Chinese ownership.
The European Commission sent an email to employees ordering them to delete the app from all work phones and devices, and any personally owned ones that use the commission’s apps and email. Employees have until 15 March to comply.
Continue reading...WinorDLL64: A backdoor from the vast Lazarus arsenal?
The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous North Korea-aligned APT group
The post WinorDLL64: A backdoor from the vast Lazarus arsenal? appeared first on WeLiveSecurity
Writing like a boss with ChatGPT and how to get better at spotting phishing scams
It’s never been easier to write a convincing message that can trick you into handing over your money or personal data
The post Writing like a boss with ChatGPT and how to get better at spotting phishing scams appeared first on WeLiveSecurity
New Video Series: Questions with the Council
In this new video series, Emma Sutcliffe, SVP Standards, answers the payment industry’s questions about PCI DSS v4.0. Questions include:
ESET SMB Digital Security Sentiment Report: The damaging effects of a breach
SMBs need to not only reduce their odds of being hit by an attack, but also implement processes that they can follow if their defenses are breached
The post ESET SMB Digital Security Sentiment Report: The damaging effects of a breach appeared first on WeLiveSecurity
Will ChatGPT start writing killer malware?
AI-pocalypse soon? As stunning as ChatGPT’s output can be, should we also expect the chatbot to spit out sophisticated malware?
The post Will ChatGPT start writing killer malware? appeared first on WeLiveSecurity
New Protections for Food Benefits Stolen by Skimmers
Millions of Americans receiving food assistance benefits just earned a new right that they can't yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes.Search ads abused to spread malware – Week in security with Tony Anscombe
Threat actors used search engine ads to impersonate makers of popular software and direct internet users to malicious websites
The post Search ads abused to spread malware – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Security amidst a global frost
No longer relegated to a side-show, tech is embedded into virtually every new piece of gear entering the battlefield
The post Security amidst a global frost appeared first on WeLiveSecurity
These aren’t the apps you’re looking for: fake installers targeting Southeast and East Asia
ESET researchers have identified a campaign using trojanized installers to deliver the FatalRAT malware, distributed via malicious websites linked in ads that appear in Google search results
The post These aren’t the apps you’re looking for: fake installers targeting Southeast and East Asia appeared first on WeLiveSecurity
Medibank class action launched after massive hack put private information of millions on dark web
Law firm Baker McKenzie says company failed to protect privacy of customers in Australia and overseas
- Follow our Australia news live blog for the latest updates
- Get our morning and afternoon news emails, free app or daily news podcast
The law firm Baker McKenzie has launched a class action lawsuit against Medibank over the health insurer’s massive cyber attack last year that resulted in the personal details of up to 10 million customers being posted on the dark web.
In what became the largest breach of its kind to date in Australia, the hack on Medibank resulted in the personal details of 9.7 million current and former customers, including 5.1 million Medibank customers, 2.8 million ahm customers and 1.8 million international customers, being leaked.
Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup
Continue reading...10 signs that scammers have you in their sights
Don’t be their next victim – here’s a handy round-up of some the most common signs that should set your alarm bells ringing
The post 10 signs that scammers have you in their sights appeared first on WeLiveSecurity