Cybersecurity News
Hacking of activists is latest in long line of cyber-attacks on Palestinians
Analysis: while identity of hackers is not known in this case, Palestinians have long been spied on by Israeli military
The disclosure that Palestinian human rights defenders were reportedly hacked using NSO’s Pegasus spyware will come as little surprise to two groups of people: Palestinians themselves and the Israeli military and intelligence cyber operatives who have long spied on Palestinians.
While it is not known who was responsible for the hacking in this instance, what is very well documented is the role of the Israeli military’s 8200 cyberwarfare unit – known in Hebrew as the Yehida Shmoneh-Matayim – in the widespread spying on Palestinian society.
Continue reading...Be On Alert This Holiday Season
In this blog we explore the challenges around security of payment data during the hectic holiday season and provide tips and best practices to help retailers better secure their payment data.
Passwordless authentication: Is your company ready to move beyond passwords?
Are the days numbered for ‘123456’? As Microsoft further nudges the world away from passwords, here’s what your organization should consider before going password-free.
The post Passwordless authentication: Is your company ready to move beyond passwords? appeared first on WeLiveSecurity
Passwordless authentication: Is your company ready to move beyond passwords?
Are the days numbered for ‘123456’? As Microsoft further nudges the world away from passwords, here’s what your organization should consider before going password-free.
The post Passwordless authentication: Is your company ready to move beyond passwords? appeared first on WeLiveSecurity
Cybersecurity firms provide threat intel for Clop ransomware group arrests
The crackdown was codenamed Operation Cyclone.Native Tribal Casinos Taking Millions in Ransomware Losses
An FBI notification is warning of an uptick in attacks against tribal casinos.
BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released
CISA is urging vendors to patch, given the release of public exploit code & a proof of concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution.
Beyond the Basics: Tips for Building Advanced Ransomware Resiliency
Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify, offers advice on least privilege, automation, application control and more.
Google Ads for Faux Cryptowallets Net Scammers At Least $500K
Malicious Phantom, MetaMask cryptowallets are on the prowl to drain victim funds.
Proofpoint Phish Harvests Microsoft O365, Google Logins
A savvy campaign impersonating the cybersecurity company skated past Microsoft email security.
Week in security with Tony Anscombe
What's it like working as a malware researcher? – ProtonMail and the battle for email privacy – Man charged with hacking, trying to extort US sports leagues
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Week in security with Tony Anscombe
What's it like working as a malware researcher? – ProtonMail and the battle for email privacy – Man charged with hacking, trying to extort US sports leagues
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Feds Offer $10 Million Bounty for DarkSide Info
The U.S. State Department ups the ante in its hunt for the ransomware perpetrators by offering a sizeable cash sum for locating and arresting leaders of the cybercriminal group.
SSL certificate research highlights pitfalls for company data, competition
Analysis reveals hidden risks for organizations that do not monitor their certificate usage.US Blacklists Pegasus Spyware Maker
NSO Group plans to fight the trade ban, saying it's "dismayed" and clinging to the mantra that its tools actually help to prevent terrorism and crime.
3 Guideposts for Building a Better Incident-Response Plan
Invest and practice: Grant Oviatt, director of incident-response engagements at Red Canary, lays out the key building blocks for effective IR.
‘Tis the Season for the Wayward Package Phish
The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a time-honored lure about a wayward package that needs redelivery. Here's a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients.Google squashes Android zero‑day bug exploited in targeted attacks
Beyond the vulnerability in the Android kernel, the monthly round of security patches plugs another 38 security loopholes
The post Google squashes Android zero‑day bug exploited in targeted attacks appeared first on WeLiveSecurity
Google squashes Android zero‑day bug exploited in targeted attacks
Beyond the vulnerability in the Android kernel, the monthly round of security patches plugs another 38 security loopholes
The post Google squashes Android zero‑day bug exploited in targeted attacks appeared first on WeLiveSecurity
Free Discord Nitro Offer Used to Steal Steam Credentials
A fake Steam pop-up prompts users to ‘link’ Discord account for free Nitro subs.