Cybersecurity News


Security fatigue is real: Here’s how to overcome it

Do your employees take more risks with valuable data because they’ve become desensitized to security guidance? Spot the symptoms before it’s too late.

The post Security fatigue is real: Here’s how to overcome it appeared first on WeLiveSecurity

22 November 2022

Paving the Way: Inspiring Women in Payments - A Q&A featuring Kara Gunderson

 

Kara Gunderson’s father always told her, “You have to arrange for your own good luck.” And this is a mantra that rings true for her. She believes that everyone, male or female, needs to work for their job. They need to roll up their sleeves, prove that they are willing to work hard, and that they are worthy of the position. In this edition of our blog, Kara explains that at one time she was one of the few women in petroleum payments and was held back because of her gender. But, over time, this has changed, and through hard work, she has arranged for her own good luck and success in the industry.

21 November 2022

Facebook sued for collecting personal data to target adverts

Facebook sued for collecting personal data to target adverts

In high court case that could set precedent for millions, Tanya O’Carroll alleges owner Meta is breaking UK data laws

A human rights campaigner is suing Facebook’s owner in the high court, claiming the company is disregarding her right to object against the collection of her personal data.

Tanya O’Carroll has launched a lawsuit against Mark Zuckerberg’s Meta alleging it has breached UK data laws by failing to respect her right to demand Facebook stop collecting and processing her data. Facebook generates revenue from building profiles of users and matching them with advertisers who direct ads at people targeting their specific interests and backgrounds.

Continue reading...
21 November 2022

Latest insights on APT activity – Week in security with Tony Anscombe

What have some of the world's most notorious APT groups been up to lately? A new ESET report released this week has the answers.

The post Latest insights on APT activity – Week in security with Tony Anscombe appeared first on WeLiveSecurity

18 November 2022

Tor vs. VPN: Which should you choose?

Both Tor and a VPN can greatly help you keep prying eyes away from your online life, but they’re also two very different beasts. Which is better for you?

The post Tor vs. VPN: Which should you choose? appeared first on WeLiveSecurity

18 November 2022

Researchers Quietly Cracked Zeppelin Ransomware Keys

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things,… Read More »
17 November 2022

Stop using Twitter to log in to other websites

With Twitter's growing technical problems, you can't rely on it as your single sign-on for other sites.
16 November 2022

Just Published: PCI Mobile Payments on COTS

 

The PCI Security Standards Council (PCI SSC) has published a new standard designed to support the evolution of mobile payment acceptance solutions. PCI Mobile Payments on COTS (MPoC) builds on the existing PCI Software-based PIN Entry on COTS (SPoC) and PCI Contactless Payments on COTS (CPoC) Standards which individually address security requirements for solutions that enable merchants to accept cardholder PINs or contactless payments, using a smartphone or other commercial off-the-shelf (COTS) mobile device. The PCI MPoC Standard aims to provide increased flexibility not only in how payments are accepted, but in how COTS-based payment acceptance solutions can be developed, deployed, and maintained.

16 November 2022

Disneyland Malware Team: It’s a Puny World After All

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic and Ukrainian.
16 November 2022

Open banking: Tell me what you buy, and I’ll tell you who you are

The convenience with which you manage all your financial wants and needs may come at a cost

The post Open banking: Tell me what you buy, and I’ll tell you who you are appeared first on WeLiveSecurity

16 November 2022

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Vyacheslav “Tank” Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources.
15 November 2022

Coffee with the Council Podcast: Meet the Council’s New Regional VP, Asia-Pacific

 

Welcome to our podcast series, Coffee with the Council. I'm Alicia Malone, Senior Manager of Public Relations for the PCI Security Standards Council. Today, we'll meet one of the Council's newest employees, our Regional Vice President of Asia-Pacific, Yew Kuann Cheng. Yew Kuann is based in Singapore and spent 15 years as the Senior Director of Risk, Strategy, and Operations in Asia-Pacific for Visa. Thank you for joining us today, Yew Kuann, and also welcome to the team.

14 November 2022

ESET APT Activity Report T2 2022

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in T2 2022

The post ESET APT Activity Report T2 2022 appeared first on WeLiveSecurity

14 November 2022

Security challenges facing SMBs – Week in security with Tony Anscombe

New ESET report shows how ever-growing threats impact SMB sentiment and why many SMBs are underprepared to defend against attacks

The post Security challenges facing SMBs – Week in security with Tony Anscombe appeared first on WeLiveSecurity

11 November 2022

FIFA World Cup 2022 scams: Beware of fake lotteries, ticket fraud and other cons

When in doubt, kick it out, plus other tips for hardening your cyber-defenses against World Cup-themed phishing and other scams

The post FIFA World Cup 2022 scams: Beware of fake lotteries, ticket fraud and other cons appeared first on WeLiveSecurity

11 November 2022

Lawsuit Seeks Food Benefits Stolen By Skimmers

A nonprofit organization is suing the state of Massachusetts on behalf of thousands of low-income families who were collectively robbed of more than a $1 million in food assistance benefits by card skimming devices secretly installed at cash machines and grocery store checkout lanes across the state. Federal law bars states from replacing these benefits using federal funds, and a recent rash of skimming incidents nationwide has disproportionately affected those receiving food assistance via state-issued prepaid debit cards.
10 November 2022

Toward the cutting edge: SMBs contemplating enterprise security

Survey finds SMBs, weary of security failures, curious about detection and response

The post Toward the cutting edge: SMBs contemplating enterprise security appeared first on WeLiveSecurity

10 November 2022

Medibank hacker says ransom demand was US$10m as purported abortion health records posted

Medibank hacker says ransom demand was US$10m as purported abortion health records posted

Post on blog linked to Russian ransomware group says it offered ‘discount’ ransom to health insurer of US$9.7m, or $1 for each customer’s data

The hacker behind the cyber-attack on Medibank set a US$10m price on not releasing the data, they claimed, alongside a new leak of apparently hacked records that purports to contain abortion health information.

In the early hours of Thursday on a dark web blog linked to the REvil Russian ransomware group, the attacker posted that they initially sought US$10m from Medibank, then reduced the price.

Sign up for Guardian Australia’s free morning and afternoon email newsletters for your daily news roundup

Continue reading...
09 November 2022

Farewell to PA-DSS: A Tribute to a Foundational Standard

 

On 28 October 2022, the PCI Security Standards Council (PCI SSC) formally retired its Payment Application Data Security Standard (PA-DSS). As one of the first standards and programs of its kind, PA-DSS laid the groundwork for software security in the payment industry and has served the payment industry’s needs for more than 14 years.

09 November 2022

10 common security mistakes and how to avoid them

Do you make these security mistakes and put yourself at greater risk for successful attacks?

The post 10 common security mistakes and how to avoid them appeared first on WeLiveSecurity

09 November 2022