Cybersecurity News


10 Security Awareness Training Mistakes to Avoid

10 Security Awareness Training Mistakes to Avoid Give your cybersecurity culture a boost by adding these to the "don't" column of your cybersecurity awareness training do's and don'ts list.
10 May 2021

Fintech Startup Offers $500 for Payroll Passwords

How much is your payroll data worth? Probably a lot more than you think. One financial startup that's targeting the gig worker market is offering up to $500 to anyone willing to hand over the payroll account username and password given to them by their employer, plus a regular payment for each month afterwards in which those credentials still work.
10 May 2021

Exchange Exploitation: Not Dead Yet

Exchange Exploitation: Not Dead Yet The mass exploitation of Exchange Servers has been a wake-up call, and it will take all parties playing in concert for the industry to react, respond, and recover.
10 May 2021

Amazon seized, destroyed two million fake products sent to warehouses in 2020

Over 10 billion suspect listings were also wiped out during the year in a counterfeit crackdown.
10 May 2021

Lemon Duck hacking group adopts Microsoft Exchange Server vulnerabilities in new attacks

Fake TLDs are now also being created to maximize the potential success of attacks.
10 May 2021

Group pleads guilty to running bulletproof hosting service for criminal gangs, malware payloads

Zeus, SpyEye, Citadel, and the Blackhole exploit kit were among the strains stored through the host.
10 May 2021

Major U.S. Pipeline Crippled in Ransomware Attack

Major U.S. Pipeline Crippled in Ransomware Attack Colonial Pipeline Company says it is the victim of a cyberattack that forced the major provider of liquid fuels to the East Coast to temporarily halted all pipeline operations.
08 May 2021

iPhone Hack Allegedly Used to Spy on China’s Uyghurs

iPhone Hack Allegedly Used to Spy on China’s Uyghurs U.S. intelligence said that the Chaos iPhone remote takeover exploit was used against the minority ethnic group before Apple could patch the problem.
07 May 2021

How North Korean APT Kimsuky Is Evolving Its Tactics

Researchers find differences in Kimsuky's operations that lead them to divide the APT into two groups: CloudDragon and KimDragon.
07 May 2021

Most Organizations Feel More Vulnerable to Breaches Amid Pandemic

More than half of business see the need for significant long-term changes to IT due to COVID-19, research finds.
07 May 2021

FBI, NSA, CISA & NCSC Issue Joint Advisory on Russian SVR Activity

The report provides additional details on tactics of Russia's Foreign Intelligence Service following public attribution of the group to last year's SolarWinds attack.
07 May 2021

Week in security with Tony Anscombe

Ousaban banking trojan targeting Brazil – How to help your kids use safe passwords – DDoS attack takes Belgian government websites offline

The post Week in security with Tony Anscombe appeared first on WeLiveSecurity

07 May 2021

The Edge Pro Quote: Password Empowerment

The Edge Pro Quote: Password Empowerment Despite being a pain in the neck, passwords may hold a psychological purpose that security pros should take into account.
07 May 2021

Defending Against Web Scraping Attacks

Web scraping attacks, like Facebook's recent data leak, can easily lead to more significant breaches.
07 May 2021

80% of Net Neutrality Comments to FCC Were Fudged

80% of Net Neutrality Comments to FCC Were Fudged NY's AG: Millions of fake comments – in favor and against – came from a secret broadband-funded campaign or from a 19-year-old's fake identities.
07 May 2021

Investment Scammer John Davies Reinvents Himself?

John Bernard, a pseudonym used by a convicted thief and con artist named John Clifton Davies who’s fleeced dozens of technology startups out of an estimated $30 million, appears to have reinvented himself again after being exposed in a recent investigative series published here. Sources tell KrebsOnSecurity that Davies/Bernard is now posing as John Cavendish and head of a new “private office” called Hempton Business Management LLP.
07 May 2021

11 Reasons Why You Sorta Love Passwords

11 Reasons Why You Sorta Love Passwords We asked you to tell the truth about why you secretly love passwords. From the heartfelt to the hilarious, here's what you had to say.
07 May 2021

New Moriya rootkit stealthily backdoors Windows systems

Unknown attackers may have been quietly exploiting networks in attacks reaching back to 2018.
07 May 2021

IRS secures order to serve Kraken with customer data request on cryptocurrency traders

Users who have conducted $20,000 in transactions are now on the tax office’s radar.
07 May 2021

Google teams up with Stop Scams to tackle financial fraud in the UK

Companies are stepping up to tackle scams on and offline.
07 May 2021