Cybersecurity News


7 Old IT Things Every New InfoSec Pro Should Know

7 Old IT Things Every New InfoSec Pro Should Know Beneath all those containers and IoT devices, there's a rich patchwork of gear, protocols, and guidelines that have been holding it together since before you were born. Knowledge of those fundamentals is growing more valuable, not less.
20 April 2021

GEICO Alerts Customers Hackers Stole Driver License Data for Two Months

GEICO Alerts Customers Hackers Stole Driver License Data for Two Months The second-largest auto insurance provider in the U.S. has since fixed the vulnerability that exposed information from its website.
20 April 2021

WhatsApp Pink: Watch out for this fake update

The malware sends automated replies to messages on WhatsApp and other major chat apps

The post WhatsApp Pink: Watch out for this fake update appeared first on WeLiveSecurity

20 April 2021

Beware the Bug Bounty

In recent months, bug-bounty programs have shifted from mitigating risk to inadvertently creating new liabilities for customers and vendors.
20 April 2021

Internal Facebook email reveals intent to frame data scraping as ‘normalized, broad industry issue’

Updated: More scraping incidents are "expected" in the future.
20 April 2021

Lazarus hacking group now hides payloads in BMP image files

South Korea continues to be a favored target.
20 April 2021

Facebook cracks down on posts urging violence, mockery ahead of Chauvin verdict in George Floyd case

The company also aims to wipe out content that “praises, celebrates or mocks George Floyd's death.”
20 April 2021

Remote code execution vulnerabilities uncovered in smart air fryer

The impacted vendor has not responded or fixed the security issues.
20 April 2021

Detecting Fraud

Review your bank, credit card and financial statements regularly to identify unauthorized activity. This is one of the most effective ways to quickly detect if your bank account, credit card or identity has been compromised.
20 April 2021

White House Scales Back Response to SolarWinds & Exchange Server Attacks

Lessons learned from the Unified Coordination Groups will be used to inform future response efforts, a government official says.
19 April 2021

Attackers Test Weak Passwords in Purple Fox Malware Attacks

Researchers share a list of passwords that Purple Fox attackers commonly brute force when targeting the SMB protocol.
19 April 2021

Lazarus Group Uses New Tactic to Evade Detection

Attackers conceal malicious code within a BMP file to slip past security tools designed to detect embedded objects within images.
19 April 2021

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens

NitroRansomware Asks for $9.99 Discord Gift Codes, Steals Access Tokens The malware seems like a silly coding lark at first, but further exploration shows it can wreak serious damage in follow-on attacks.
19 April 2021

Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks

Ransomware: A Deep Dive into 2021 Emerging Cyber-Risks Our new eBook goes beyond the status quo to take a look at the evolution of ransomware and what to prepare for next.
19 April 2021

Google’s Project Zero to wait longer before disclosing bug details

The 30-day grace period is designed to speed up the rollout and adoption of patches

The post Google’s Project Zero to wait longer before disclosing bug details appeared first on WeLiveSecurity

19 April 2021

What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis

What COVID-19 Taught Us: Prepping Cybersecurity for the Next Crisis Sivan Tehila, cybersecurity strategist at Perimeter 81, discusses climate change and the cyber-resilience lessons companies should take away from dealing with the pandemic.
19 April 2021

SolarWinds: A Catalyst for Change & a Cry for Collaboration

Cybersecurity is more than technology or safeguards like zero trust; mostly, it's about collaboration.
19 April 2021

Peloton pushes back against ‘urgent’ warning against using Tread+ treadmill

The CPSC says the death of a child and dozens of injuries have been caused by the Peloton Tread+.
19 April 2021

Coding error allowed attackers to delete Facebook live video

The security issue earned the reporting researcher a substantial bug bounty.
19 April 2021

Don't Lose That Device

Did you know you are 100 times more likely to lose a laptop or mobile devices than have it stolen? When you are traveling, always double-check to make sure you have your devices with you, such as when leaving airport security, exiting your taxi or check out of your hotel.
19 April 2021