Cybersecurity News


BladeHawk group: Android espionage against Kurdish ethnic group

ESET researchers have investigated a targeted mobile espionage campaign against the Kurdish ethnic group, and that has been active since at least March 2020.

The post BladeHawk group: Android espionage against Kurdish ethnic group appeared first on WeLiveSecurity

07 September 2021

Holy Grail of Security: Answers to ‘Did XYZ Work?’ – Podcast

Holy Grail of Security: Answers to ‘Did XYZ Work?’ – Podcast Verizon DBIR is already funny, useful & well-written, and it just got better with mapping to MITRE ATT&CK TTPs. The marriage could finally bring answers to "What are we doing right?" instead of the constant reminders of what's not working in fending off threats.
07 September 2021

“FudCo” Spam Empire Tied to Pakistani Software Firm

In May 2015, KrebsOnSecurity briefly profiled "The Manipulaters," the name chosen by a prolific cybercrime group based in Pakistan that was very publicly selling spam tools and a range of services for crafting, hosting and deploying malicious email. Six years later, a review of the social media postings from this group shows they are prospering, while rather poorly hiding their activities behind a software development firm in Lahore that has secretly enabled an entire generation of spammers and scammers.
06 September 2021

Human Fraud: Detecting Them Before They Detect You

Human Fraud: Detecting Them Before They Detect You Tony Lauro, director of security technology and strategy at Akamai, discusses how to disrupt account takeovers in the exploitation phase of an attack.
06 September 2021

IoT Attacks Skyrocket, Doubling in 6 Months

IoT Attacks Skyrocket, Doubling in 6 Months The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets.
06 September 2021

This is the perfect ransomware victim, according to cybercriminals

An investigation into what ransomware groups want has painted the picture of the perfect target.
06 September 2021

Apple slams the brakes on plans to scan user images for child abuse content

Backlash stemming from privacy concerns has delayed the rollout.
06 September 2021

The State of Incident Response: Measuring Risk and Evaluating Your Preparedness

The State of Incident Response: Measuring Risk and Evaluating Your Preparedness Grant Oviatt, director of incident-response engagements at Red Canary, provides advice and best practices on how to get there faster.
03 September 2021

FIN7 Capitalizes on Windows 11 Release in Latest Gambit

FIN7 Capitalizes on Windows 11 Release in Latest Gambit The financially motivated group looked to steal payment-card data from a California-based point-of-sale service provider.
03 September 2021

Week in security with Tony Anscombe

Vaccination passports - what you need to know. A guide to kids' smartphone security. CISA lists single-factor authentication as bad practice.

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

03 September 2021

Brute-Force Attacks Target Inboxes for Gift Card Data

Brute-Force Attacks Target Inboxes for Gift Card Data Cybercriminal enterprise is mass testing millions of usernames and passwords per day in a hunt for loyalty card data.
03 September 2021

FTC orders SpyFone to delete all of its surveillance data

The watchdog alleges the app "helped stalkers steal private information."
03 September 2021

A parent’s guide to smartphone security

Smartphones are kids’ trusty companions both in- and outside the classroom, and as they return to their desks, we’ve prepared some handy tips on how to keep their devices secure.

The post A parent’s guide to smartphone security appeared first on WeLiveSecurity

03 September 2021

BitConnect director pleads guilty to role in $2 billion cryptocurrency fraud

Prosecutors claim that the promoter earned over $24 million.
03 September 2021

NFT Collector Tricked into Buying Fake Banksy 

NFT Collector Tricked into Buying Fake Banksy  An attacker breached the site of famed street artist Banksy to host a fraudulent NFT auction but then gave back the money.
02 September 2021

SpyFone & CEO Banned From Stalkerware Biz

SpyFone & CEO Banned From Stalkerware Biz The FTC's first spyware ban nixes a company whose "slipshod" security practices led to exposure of thousands of victims' illegally collected personal data.
02 September 2021

Bluetooth Bugs Open Billions of Devices to DoS, Code Execution

Bluetooth Bugs Open Billions of Devices to DoS, Code Execution The BrakTooth set of security vulnerabilities impacts at least 11 vendors' chipsets.
02 September 2021

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Some of the most successful and lucrative online scams employ a "low-and-slow" approach -- avoiding detection or interference from researchers and law enforcement agencies by stealing small bits of cash from many people over an extended period. Here's the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online.
02 September 2021

Google Play Sign-Ins Allow Covert Location-Tracking

Google Play Sign-Ins Allow Covert Location-Tracking A design flaw involving Google Timeline could allow someone to track another device without installing a stalkerware app.
02 September 2021

Twitter introduces new feature to automatically block abusive behavior

Dubbed Safety Mode, the feature will temporarily block authors of offensive tweets from being able to contact or follow users.

The post Twitter introduces new feature to automatically block abusive behavior appeared first on WeLiveSecurity

02 September 2021