Cybersecurity News


Broward Breach Highlights Healthcare Supply-Chain Problems

Broward Breach Highlights Healthcare Supply-Chain Problems More than 1.3 million patient records were stolen in the just-disclosed breach, which occurred back in October.
05 January 2022

Uber Bug, Ignored for Years, Casts Doubt on Official Uber Emails

Uber Bug, Ignored for Years, Casts Doubt on Official Uber Emails A simple-to-exploit bug that allows bad actors to send emails from Uber's official system -- skating past email security -- went unaddressed despite multiple flagging by researchers.
05 January 2022

FTC to Go After Companies that Ignore Log4j

FTC to Go After Companies that Ignore Log4j Companies that fail to protect secure consumer data from Log4J attacks are at risk of facing Equifax-esque legal action and fines, the FTC warned.
05 January 2022

‘Malsmoke’ Exploits Microsoft’s E-Signature Verification

‘Malsmoke’ Exploits Microsoft’s E-Signature Verification The info-stealing campaign using ZLoader malware – previously used to deliver Ryuk and Conti ransomware – already has claimed more than 2,000 victims across 111 countries.
05 January 2022

Purple Fox rootkit discovered in malicious Telegram installers

Slicing up files allows the malware to stay under the radar.
05 January 2022

Morgan Stanley agrees to $60 million settlement in data breach lawsuit

Customer data was held on legacy equipment that was later sold on without being wiped.
05 January 2022

Malsmoke hackers abuse Microsoft signature verification in ZLoader cyberattacks

Malware exploits the system to steal credentials and other data.
05 January 2022

5 ways hackers steal passwords (and how to stop them)

From social engineering to looking over your shoulder, here are some of the most common tricks that bad guys use to steal passwords

The post 5 ways hackers steal passwords (and how to stop them) appeared first on WeLiveSecurity

05 January 2022

Microsoft Sees Rampant Log4j Exploit Attempts, Testing

Microsoft Sees Rampant Log4j Exploit Attempts, Testing Microsoft says it's only going to get worse: It's seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December.
04 January 2022

SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More

SEGA’s Sloppy Security Confession: Exposed AWS S3 Bucket Offers Up Steam API Access & More SEGA's disclosure underscores a common, potentially catastrophic, flub — misconfigured Amazon Web Services (AWS) S3 buckets.
04 January 2022

Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites

Data Skimmer Hits 100+ Sotheby’s Real-Estate Websites The campaign was an opportunistic supply-chain attack abusing a weaponized cloud video player.
04 January 2022

Purple Fox Rootkit Dropped by Malicious Telegram Installers

Purple Fox Rootkit Dropped by Malicious Telegram Installers Multiple malicious installers were delivering the same Purple Fox rootkit version using the same attack chain, possibly distributed via email or phishing sites.
04 January 2022

McMenamins Data Breach Affects 12 Years of Employee Info

McMenamins Data Breach Affects 12 Years of Employee Info The Pacific Northwest hospitality stalwart is also still operationally crippled by a Dec. 12 ransomware attack.
04 January 2022

Troy Leach Says Farewell to PCI SSC


It is said that change is the only constant in life. And the last 21 months have been a time of unprecedented change in the way we live, work and travel.

These changes have brought with them a wave of changes as many companies and individuals reevaluate their opportunities and family responsibilities in the new way of working.

04 January 2022

Portuguese Media Giant Impresa Crippled by Ransomware Attack

Portuguese Media Giant Impresa Crippled by Ransomware Attack The websites of the company and the Expresso newspaper, as well as all of its SIC TV channels remained offline Tuesday after the New Year’s weekend attack.
04 January 2022

Instagram and teens: A quick guide for parents to keep their kids safe

How can you help your kids navigate Instagram safely? Here are a few tips to help you protect their privacy on the app.

The post Instagram and teens: A quick guide for parents to keep their kids safe appeared first on WeLiveSecurity

04 January 2022

Cyberattack against UK Ministry of Defence training academy revealed

The attack had a "significant" impact on operations last year.
04 January 2022

Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022

Be alert, be proactive and break these 10 bad habits to improve your cyber-hygiene in 2022

The post Breaking the habit: Top 10 bad cybersecurity habits to shed in 2022 appeared first on WeLiveSecurity

03 January 2022

Cyber-attack on UK’s Defence Academy caused ‘significant’ damage

Cyber-attack on UK’s Defence Academy caused ‘significant’ damage

Former senior officer says unsolved hack of MoD training school systems did not succeed but still had costs

A cyber-attack on the UK’s Defence Academy caused “significant” damage, a retired high-ranking officer has revealed.

Air Marshal Edward Stringer, who left the armed forces in August, told Sky News the attack, which was discovered in March 2021, meant the Defence Academy was forced to rebuild its network.

Continue reading...
02 January 2022

The biggest data breaches, hacks of 2021

As COVID-19 continues to cause disruption, cyberattacks haven't let up, either.
31 December 2021