Cybersecurity News


When Scammers Get Scammed, They Take It to Cybercrime Court

When Scammers Get Scammed, They Take It to Cybercrime Court Underground arbitration system settles disputes between cybercriminals.
07 December 2021

Paving the way: Inspiring Women in Payments - A Q&A featuring Jessica Smith

 

With inspiration from her family of engineers, Jessica Smith was raised to approach problem-solving with curiosity, critical thinking, and creativity. These skillsets have helped her to pivot in a career path that started in photography, developed into finance and auditing, and now focuses on information security standards and compliance for the payments industry. In this edition of our blog, Jessica explains that working for a company that encourages the exploration of new skills and cross-training, including harnessing the power of mentorship programs, can make all the difference in one’s success.

07 December 2021

Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators

Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators The malware's unique blockchain-enabled backup C2 scheme makes it difficult to eliminate completely.
07 December 2021

SolarWinds Attackers Spotted Using New Tactics, Malware

SolarWinds Attackers Spotted Using New Tactics, Malware One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing.
07 December 2021

5 common gift card scams and how to spot them

It often pays to look a gift horse in the mouth – recognizing these types of gift card fraud will go a long way toward helping you stay safe from this growing threat not just this holiday season

The post 5 common gift card scams and how to spot them appeared first on WeLiveSecurity

07 December 2021

Crypto-Exchange BitMart to Pay Users for $200M Theft

Crypto-Exchange BitMart to Pay Users for $200M Theft BitMart confirmed it had been drained of ~$150 million in cryptocurrency assets, but a blockchain security firm said it's closer to $200 million.
06 December 2021

Are You Guilty of These 8 Network-Security Bad Practices?

Are You Guilty of These 8 Network-Security Bad Practices? Tony Lauro, director of Security Technology & Strategy at Akamai, discusses VPNs, RDP, flat networks, BYOD and other network-security bugbears.
06 December 2021

Cyber Command Publicly Joins Fight Against Ransomware Groups  

Cyber Command Publicly Joins Fight Against Ransomware Groups   U.S. military acknowledges targeting cybercriminals who launch attacks on U.S. companies.
06 December 2021

Cuba Ransomware Gang Hauls in $44M in Payouts

Cuba Ransomware Gang Hauls in $44M in Payouts The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned.
06 December 2021

Pegasus Spyware Infects U.S. State Department iPhones

Pegasus Spyware Infects U.S. State Department iPhones It's unknown who's behind the cyberattacks against at least nine employees' iPhones, who are all involved in Ugandan diplomacy.
06 December 2021

Apache Kafka Cloud Clusters Expose Sensitive Data for Large Companies

Apache Kafka Cloud Clusters Expose Sensitive Data for Large Companies The culprit is misconfigured Kafdrop interfaces, used for centralized management of the open-source platform.
06 December 2021

What are buffer overflow attacks and how are they thwarted?

Ever since the Morris worm, buffer overflows have become notorious fare in the world of vulnerabilities

The post What are buffer overflow attacks and how are they thwarted? appeared first on WeLiveSecurity

06 December 2021

Who Is the Network Access Broker ‘Babam’?

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in stealing remote access credentials -- such as usernames and passwords needed to remotely connect to the target's network. In this post we'll look at the clues left behind by "Babam," the handle chosen by a cybercriminal who has sold such access to ransomware groups on many occasions over the past few years.
03 December 2021

Pandemic-Influenced Car Shopping: Just Use the Manufacturer API

Pandemic-Influenced Car Shopping: Just Use the Manufacturer API Jason Kent, hacker-in-residence at Cequence, found a way to exploit a Toyota API to get around the hassle of car shopping in the age of supply-chain woes.
03 December 2021

Omicron Phishing Scam Already Spotted in UK

Omicron Phishing Scam Already Spotted in UK Omicron COVID-19 variant anxiety inspires new phishing scam offering fake NHS tests to steal data.
03 December 2021

NSO Group spyware used to hack at least nine US officials’ phones – report

NSO Group spyware used to hack at least nine US officials’ phones – report

Revelation comes just weeks after the Biden administration placed NSO on a US blacklist

The iPhones of at least nine US state department officials were recently hacked by a government using NSO Group spyware, according to a new report that raised serious questions about the use of Israeli surveillance tools against US government officials around the world.

The claim, which was reported by Reuters, comes just weeks after the Biden administration placed NSO on a US blacklist and said the surveillance company acted “contrary to the foreign policy and national security interests of the US”.

Continue reading...
03 December 2021

What Are Your Top Cloud Security Challenges? Threatpost Poll

What Are Your Top Cloud Security Challenges? Threatpost Poll We want to know what your biggest cloud security concerns and challenges are, and how your company is dealing with them. Weigh in with our exclusive poll!
03 December 2021

Week in security with Tony Anscombe

ESET researchers analyze malware frameworks targeting air-gapped networks – ESET Research launches a podcast – INTERPOL cracks down on online fraud

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

03 December 2021

Scammers exploit Omicron fears in new COVID‑19 phishing campaign

Fraudsters take advantage of the emergence of the new variant to dupe unsuspecting victims out of their sensitive data

The post Scammers exploit Omicron fears in new COVID‑19 phishing campaign appeared first on WeLiveSecurity

03 December 2021

Threat Group Takes Aim Again at Cloud Platform Provider Zoho

Threat Group Takes Aim Again at Cloud Platform Provider Zoho Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio.
03 December 2021