Cybersecurity News


SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More

SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More SEGA's disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets.
04 January 2022

Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites

Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites The campaign was an opportunistic supply-chain attack abusing a weaponized cloud video player.
04 January 2022

Purple Fox Rootkit Dropped by Malicious Telegram Installers

Purple Fox Rootkit Dropped by Malicious Telegram Installers Multiple malicious installers were delivering the same Purple Fox rootkit version using the same attack chain, possibly distributed via email or phishing sites.
04 January 2022

McMenamins Data Breach Affects 12 Years of Employee Info

McMenamins Data Breach Affects 12 Years of Employee Info The Pacific Northwest hospitality stalwart is also still operationally crippled by a Dec. 12 ransomware attack.
04 January 2022

Troy Leach Says Farewell to PCI SSC


It is said that change is the only constant in life. And the last 21 months have been a time of unprecedented change in the way we live, work and travel.

These changes have brought with them a wave of changes as many companies and individuals reevaluate their opportunities and family responsibilities in the new way of working.

04 January 2022

Portuguese Media Giant Impresa Crippled by Ransomware Attack

Portuguese Media Giant Impresa Crippled by Ransomware Attack The websites of the company and the Expresso newspaper, as well as all of its SIC TV channels remained offline Tuesday after the New Year’s weekend attack.
04 January 2022

Instagram and teens: A quick guide for parents to keep their kids safe

How can you help your kids navigate Instagram safely? Here are a few tips to help you protect their privacy on the app.

The post Instagram and teens: A quick guide for parents to keep their kids safe appeared first on WeLiveSecurity

04 January 2022

Cyberattack against UK Ministry of Defence training academy revealed

The attack had a "significant" impact on operations last year.
04 January 2022

Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022

Be alert, be proactive and break these 10 bad habits to improve your cyber-hygiene in 2022

The post Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022 appeared first on WeLiveSecurity

03 January 2022

Cyber-attack on UK’s Defence Academy caused ‘significant’ damage

Cyber-attack on UK’s Defence Academy caused ‘significant’ damage

Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs

A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.

Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.

Continue reading...
02 January 2022

The biggest data breaches, hacks of 2021

As COVID-19 continues to cause disruption, cyberattacks haven't let up, either.
31 December 2021

Copycat and fad hackers will be the bane of supply chain security in 2022

Experts explain why the supply chain is now a top target for cybercriminals -- and what we should expect to see in 2022.
31 December 2021

What the Rise in Cyber-Recon Means for Your Security Strategy

What the Rise in Cyber-Recon Means for Your Security Strategy Expect many more zero-day exploits in 2022, and cyberattacks using them being launched at a significantly higher rate, warns Aamir Lakhani, researcher at FortiGuard Labs.
30 December 2021

APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools

APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution.
30 December 2021

22 cybersecurity statistics to know for 2022

As we usher in the New Year, let’s take a look at some statistics that will help you stay up-to-date on recent cybersecurity trends

The post 22 cybersecurity statistics to know for 2022 appeared first on WeLiveSecurity

30 December 2021

Happy 12th Birthday, KrebsOnSecurity.com!

KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe "celebrate" is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this site's birthday also is a welcome opportunity to thank you all for your continued readership and support, which helps keep the content here free to everyone.
29 December 2021

Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud

Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud Jason Kent is Hacker-in-Residence at Cequence Security.
29 December 2021

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019

Cryptomining Attack Exploits Docker API Misconfiguration Since 2019 Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency.
29 December 2021

5 Cybersecurity Trends to Watch in 2022

5 Cybersecurity Trends to Watch in 2022 Here’s what cybersecurity watchers want infosec pros to know heading into 2022.  
29 December 2021

That Toy You Got for Christmas Could Be Spying on You

That Toy You Got for Christmas Could Be Spying on You Security flaws in the recently released Fisher-Price Chatter Bluetooth telephone can allow nearby attackers to spy on calls or communicate with children using the device.
28 December 2021