Cybersecurity News


Cybersecurity awareness training: What is it and what works best?

Give employees the knowledge needed to spot the warning signs of a cyberattack and to understand when they may be putting sensitive data at risk

The post Cybersecurity awareness training: What is it and what works best? appeared first on WeLiveSecurity

07 June 2022

IBM acquires Randori to streamline threat detection, bolster XDR offerings

The tech giant's latest purchase builds on the acquisition of ReaQta.
06 June 2022

Ransomware attacks have dropped. And gangs are attacking each other's victims

Research indicates victim numbers are dropping but the finance sector is experiencing more than its fair share of attacks.
06 June 2022

Sheryl Sandberg’s influence reaches all of us. But it’s a troubling legacy | Stephanie Hare

Sheryl Sandberg’s influence reaches all of us. But it’s a troubling legacy | Stephanie Hare From epic data mining to shocking failures of content moderation, Meta’s COO passes on a vast clean-up job

If you are reading this, odds are that you are one of the 2.87 billion daily users of the products offered by Meta, the parent company of Facebook, Instagram, Facebook Messenger and WhatsApp. If you are not using any of these products, you are connected to people who do use them. And this connects you to Sheryl Sandberg, who resigned last week from her role as Meta’s chief operating officer.

Even if you have never met her, interacted directly with her or read her books on corporate feminism or bereavement, Sandberg has had an impact on your life. She’s not the only reason that our data is tracked online, whether we use Meta’s products or not. Many others have helped to create and exploit an entire industry that profits from our data. What’s more, lawmakers and regulators worldwide have done little to stop this, in no small part because companies like the ones Sandberg helped run spend millions of dollars every year lobbying to prevent or water down any attempts at regulation.

Continue reading...
05 June 2022

What Counts as “Good Faith Security Research?”

The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting vulnerabilities. But legal experts continue to advise researchers to proceed with caution, noting the new guidelines can’t be used as a defense in court, nor are they any kind of shield against civil prosecution.
03 June 2022

Key insights from ESET’s latest Threat Report – Week in security with Tony Anscombe

A review of the key trends that defined the threatscape in the first four months of 2022 and what these developments mean for your cyber-defenses

The post Key insights from ESET’s latest Threat Report – Week in security with Tony Anscombe appeared first on WeLiveSecurity

03 June 2022

100 days of war in Ukraine: How the conflict is playing out in cyberspace

It’s been 100 days since Russia invaded Ukraine, and we look back at various cyberattacks connected to the conflict

The post 100 days of war in Ukraine: How the conflict is playing out in cyberspace appeared first on WeLiveSecurity

03 June 2022

Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again

Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog Day.'
03 June 2022

Evil Corp Pivots LockBit to Dodge U.S. Sanctions

Evil Corp Pivots LockBit to Dodge U.S. Sanctions The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity.
03 June 2022

Cybersecurity in the future: Security 'by PlayStation' and IoT asbestos

WithSecure's Mikko Hyppönen shares his predictions for cybersecurity, cybercrime, and how our devices will be protected.
02 June 2022

Cybercriminals Expand Attack Radius and Ransomware Pain Points

Cybercriminals Expand Attack Radius and Ransomware Pain Points Melissa Bischoping, security researcher with Tanium and Infosec Insiders columnist, urges firms to consider the upstream and downstream impact of "triple extortion" ransomware attacks.
02 June 2022

ESET Threat Report T 1 2022

A view of the T 1 2022 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts

The post ESET Threat Report T 1 2022 appeared first on WeLiveSecurity

02 June 2022

Scammers Target NFT Discord Channel

Scammers Target NFT Discord Channel Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links.
02 June 2022

International Authorities Take Down Flubot Malware Network

International Authorities Take Down Flubot Malware Network The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020.
02 June 2022

Being prepared for adversarial attacks

Being prepared for adversarial attacks There is no question that the level of threats facing today’s businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinet’s […]
02 June 2022

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.
01 June 2022

Talking to children about the internet: A kid’s perspective

A 14-year-old shares his thoughts about technology and the potential privacy and security implications of the internet

The post Talking to children about the internet: A kid’s perspective appeared first on WeLiveSecurity

01 June 2022

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack from a different Russian ransomware gang — Conti. Ransomware experts say there is good reason to believe the same cybercriminals are behind both attacks, and that Hive has been helping Conti rebrand and evade international sanctions targeting extortion payouts to cybercriminals operating in Russia.
31 May 2022

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot.
31 May 2022

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn.
31 May 2022