Cybersecurity News
U.K. Water Supplier Hit with Clop Ransomware Attack
The incident disrupted corporate IT systems at one company while attackers misidentified the victim in a post on its website that leaked stolen data.
DEF CON – “don’t worry, the elections are safe” edition
Don't worry, elections are safe. Our Security Researcher Cameron Camp provide us highlights from the DEF CON 30 conference.
The post DEF CON – “don’t worry, the elections are safe” edition appeared first on WeLiveSecurity
Xiaomi Phone Bug Allowed Payment Forgery
Mobile transactions could’ve been disabled, created and signed by attackers.
How a spoofed email passed the SPF check and landed in my inbox
The Sender Policy Framework can’t help prevent spam and phishing if you allow billions of IP addresses to send as your domain
The post How a spoofed email passed the SPF check and landed in my inbox appeared first on WeLiveSecurity
Black Hat and DEF CON Roundup
‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.
Black Hat USA 2022: Burnout, a significant issue
The digital skills gap, especially in cybersecurity, is not a new phenomenon. This problematic is now exacerbate by the prevalence of burnout, which was presented at Black Hat USA 2022
The post Black Hat USA 2022: Burnout, a significant issue appeared first on WeLiveSecurity
Black Hat – Windows isn’t the only mass casualty platform anymore
Windows used to be the big talking point when it came to exploits resulting in mass casualties. Nowadays, talks turned to other massive attack platforms like #cloud and cars
The post Black Hat – Windows isn’t the only mass casualty platform anymore appeared first on WeLiveSecurity
Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics
The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.
The potential consequences of data breach, and romance scams – Week in security with Tony Anscombe
The NHS was victim of a potential cyberattack, which raises the question of the impact of those data breach for the public.
The post The potential consequences of data breach, and romance scams – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Sounding the Alarm on Emergency Alert System Flaws
The Department of Homeland Security (DHS) is urging states and localities to beef up security around proprietary devices that connect to the Emergency Alert System -- a national public warning system used to deliver important emergency information, such as severe weather and AMBER alerts. The DHS warning came in advance of a workshop to be held this weekend at the DEFCON security conference in Las Vegas, where a security researcher is slated to demonstrate multiple weaknesses in the nationwide alert system.Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’
Researcher shows how Instagram and Facebook’s use of an in-app browser within both its iOS apps can track interactions with external websites.
Black Hat 2022‑ Cyberdefense in a global threats era
Our Security evangelist's take on this first day of Black Hat 2022, where cyberdefense was on every mind.
The post Black Hat 2022‑ Cyberdefense in a global threats era appeared first on WeLiveSecurity
Safety first: how to tweak the settings on your dating apps
Tinder, Bumble or Grindr - popular dating apps depend heavily on your location, personal data, and loose privacy settings. Find out how to put yourself out there safely by following our suggested settings tweaks.
The post Safety first: how to tweak the settings on your dating apps appeared first on WeLiveSecurity
It Might Be Our Data, But It’s Not Our Breach
A cybersecurity firm says it has intercepted a large, unique stolen data set containing the names, addresses, email addresses, phone numbers, Social Security Numbers and dates of birth on nearly 23 million Americans. The firm's analysis of the data suggests it corresponds to current and former customers of AT&T. The telecommunications giant stopped short of saying the data wasn't theirs, but it maintains the records do not appear to have come from its systems and may be tied to a previous data incident at another company.An eighties classic – Zero Trust
A deep-dive in Zero-trust, to help you navigate in a zero-trust world and further secure your organization.
The post An eighties classic – Zero Trust appeared first on WeLiveSecurity
Starlink Successfully Hacked Using $25 Modchip
Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX’s satellite-based internet system
New Hacker Forum Takes Pro-Ukraine Stance
A uniquely politically motivated site called DUMPS focuses solely on threat activity directed against Russia and Belarus
Cisco Confirms Network Breach Via Hacked Employee Google Account
Networking giant says attackers gained initial access to an employee’s VPN client via a compromised Google account.
Fears for patient data after ransomware attack on NHS software supplier
Attack being investigated for potential data theft as experts warn criminals could use stolen details as leverage
A ransomware attack on an NHS software supplier last week is being investigated for potential theft of patient data, as experts warned that criminals could use personal information as leverage in negotiations.
Advanced, which provides services for NHS 111 and patient records, said it was investigating “potentially impacted data” and that it would provide updates when it had more information about “potential data access or exfiltration”. The UK data watchdog confirmed it was aware of the incident and was “making inquiries.”
Continue reading...Podcast: Inside the Hackers’ Toolkit
This edition of the Threatpost podcast is sponsored by Egress.