Cybersecurity News
SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More
SEGA's disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets.
Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites
The campaign was an opportunistic supply-chain attack abusing a weaponized cloud video player.
Purple Fox Rootkit Dropped by Malicious Telegram Installers
Multiple malicious installers were delivering the same Purple Fox rootkit version using the same attack chain, possibly distributed via email or phishing sites.
McMenamins Data Breach Affects 12 Years of Employee Info
The Pacific Northwest hospitality stalwart is also still operationally crippled by a Dec. 12 ransomware attack.
Troy Leach Says Farewell to PCI SSC
It is said that change is the only constant in life. And the last 21 months have been a time of unprecedented change in the way we live, work and travel.
These changes have brought with them a wave of changes as many companies and individuals reevaluate their opportunities and family responsibilities in the new way of working.
Portuguese Media Giant Impresa Crippled by Ransomware Attack
The websites of the company and the Expresso newspaper, as well as all of its SIC TV channels remained offline Tuesday after the New Year’s weekend attack.
Instagram and teens: A quick guide for parents to keep their kids safe
How can you help your kids navigate Instagram safely? Here are a few tips to help you protect their privacy on the app.
The post Instagram and teens: A quick guide for parents to keep their kids safe appeared first on WeLiveSecurity
Cyberattack against UK Ministry of Defence training academy revealed
The attack had a "significant" impact on operations last year.Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022
Be alert, be proactive and break these 10 bad habits to improve your cyber-hygiene in 2022
The post Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022 appeared first on WeLiveSecurity
Cyber-attack on UK’s Defence Academy caused ‘significant’ damage
Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs
A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.
Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.
Continue reading...The biggest data breaches, hacks of 2021
As COVID-19 continues to cause disruption, cyberattacks haven't let up, either.Copycat and fad hackers will be the bane of supply chain security in 2022
Experts explain why the supply chain is now a top target for cybercriminals -- and what we should expect to see in 2022.What the Rise in Cyber-Recon Means for Your Security Strategy
Expect many more zero-day exploits in 2022, and cyberattacks using them being launched at a significantly higher rate, warns Aamir Lakhani, researcher at FortiGuard Labs.
APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools
Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution.
22 cybersecurity statistics to know for 2022
As we usher in the New Year, let’s take a look at some statistics that will help you stay up-to-date on recent cybersecurity trends
The post 22 cybersecurity statistics to know for 2022 appeared first on WeLiveSecurity
Happy 12th Birthday, KrebsOnSecurity.com!
KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe "celebrate" is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this site's birthday also is a welcome opportunity to thank you all for your continued readership and support, which helps keep the content here free to everyone.Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud
Jason Kent is Hacker-in-Residence at Cequence Security.
Cryptomining Attack Exploits Docker API Misconfiguration Since 2019
Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency.
5 Cybersecurity Trends to Watch in 2022
Here’s what cybersecurity watchers want infosec pros to know heading into 2022.
That Toy You Got for Christmas Could Be Spying on You
Security flaws in the recently released Fisher-Price Chatter Bluetooth telephone can allow nearby attackers to spy on calls or communicate with children using the device.
