Cybersecurity News


Attacks Erase Western Digital Network-Attached Storage Drives

The company suspects a remote code execution vulnerability affecting My Book Live and My Book Live Duo devices and recommends that business and individual users turn off the drives to protect their data.
28 June 2021

Request for Comments: PCI DSS v4.0 Draft Validation Documents


From 28 June to 28 July, PCI SSC stakeholders can participate in a Request for Comments (RFC) on a draft of the PCI DSS v4.0 draft validation documents. As indicated in a recent post on the PCI DSS v4.0 timeline, this RFC was added as a unique opportunity for the industry to provide feedback on drafts of the v4.0 Report on Compliance (ROC) Template and the ROC Attestations of Compliance (AOC). This RFC also introduces a new approach to merchant self-assessments, called Merchant Assessment Forms (MAFs), intended to replace Self-Assessment Questionnaires.

28 June 2021

NVIDIA Patches High-Severity GeForce Spoof-Attack Bug

NVIDIA Patches High-Severity GeForce Spoof-Attack Bug A vulnerability in NVIDIA’s GeForce Experience software opens the door to remote data access, manipulation and deletion.
28 June 2021

New House Bill Aims to Drive Americans' Security Awareness

The legislation requires the National Telecommunications and Information Administration to establish a cybersecurity literacy campaign.
28 June 2021

Microsoft Tracks Attack Campaign Against Customer Support Agents

The company attributes the attack to Nobelium, the same group it linked to the SolarWinds campaign earlier this year.
28 June 2021

Russian Attackers Breach Microsoft Customer Service Accounts

Russian Attackers Breach Microsoft Customer Service Accounts American IT companies and government have been targeted by the Nobelium state-sponsored group.  
28 June 2021

An Interesting Approach to Cyber Insurance

An Interesting Approach to Cyber Insurance What if insurers were to offer companies an incentive -- say, a discount -- for better protecting themselves? You know, the way car insurance companies offer lower premiums to customers who take a driver's ed course.
28 June 2021

The Danger of Action Bias: Is It Always Better to Act Quickly?

Experts discuss the meaning of action bias and how it presents a threat to IT security leaders, practitioners, and users.
28 June 2021

Microsoft Signs Malware That Spreads Through Gaming

Microsoft Signs Malware That Spreads Through Gaming The driver, called "Netfilter," is a rootkit that talks to Chinese C2 IPs and aims to spoof gamers' geo-locations to cheat the system and play from anywhere, Microsoft said.
28 June 2021

Critical CISO Initiatives for the Second Half of 2021

Critical CISO Initiatives for the Second Half of 2021 Saryu Nayyar, CEO at Gurucul, goes over what defenses CISOs need now, and how and why to prioritize the options.
28 June 2021

In Memoriam: John McAfee

What was it like to work for, and be friends with, the larger-than-life technology entrepreneur back when he helped shape the computer security industry?

The post In Memoriam: John McAfee appeared first on WeLiveSecurity

28 June 2021

The Role of Encryption in Protecting LGBTQ+ Community Members

The Internet is a vital tool that helps LGBTQ+ community members communicate without fear of persecution -- and strong encryption is a critical part of this equation.
28 June 2021

Buckland: ministerial offices should be swept for hidden cameras – video

Buckland: ministerial offices should be swept for hidden cameras – video

The justice secretary has signalled that ministerial security may have been compromised as he called for regular security sweeps for cameras in ministers’ offices after the Matt Hancock scandal. Hancock resigned as health secretary after CCTV footage from his departmental office showing him kissing his senior aide was leaked to the press

Continue reading...
28 June 2021

Own an old WD My Book Live? Disconnect it from the internet right now

Active attacks are indiscriminately wiping user devices.
28 June 2021

Hancock CCTV footage: security may have been breached, minister says

Hancock CCTV footage: security may have been breached, minister says

Justice secretary Robert Buckland calls for regular sweeps for hidden cameras in government offices

The justice secretary, Robert Buckland, has signalled that ministerial security may have been compromised as he called for regular security sweeps for cameras in ministers’ offices after the Matt Hancock scandal.

Hancock resigned as health secretary on Saturday following the leak of CCTV images from his departmental office showing him kissing his senior aide Gina Coladangelo.

Continue reading...
28 June 2021

GitHub bug bounties: payouts surge past $1.5 million mark

GitHub says that 2020 was the “busiest year yet” in vulnerability disclosure.
28 June 2021

Ministry of Defence employee charged in child pornography case

The charges stem from his participation in the “PedoPub” web forum.
28 June 2021

John McAfee obituary

John McAfee obituary Controversial antivirus software pioneer who entered US politics and became a fugitive from justice

As the inventor of the antivirus software that bears his name, John McAfee, who has died aged 75 after apparently taking his own life in a Spanish prison, turned paranoia into a fortune. He was one of the first successful self-promoting celebrity millionaires whose power and media exposure provide untold influence in the US.

Moving from computer savant to spiritual guru, he then began an extended second act in Belize, where his outsized lifestyle fuelled his own personal paranoia, and led to his becoming the leading suspect in the murder of a beachfront neighbour.

Continue reading...
27 June 2021

Mercedes-Benz Customer Data Flies Out the Window

Mercedes-Benz Customer Data Flies Out the Window For over three years, a vendor was recklessly driving the cloud-stored data of luxury-car-owning customers and wannabe buyers.
25 June 2021

New CPU Baseline for Windows 11 Will Ensure Better Security, Microsoft Says

Redmond's latest OS will run only on systems with TPM 2.0 chips.
25 June 2021