Podcast: 67% of Orgs Have Been Hit by Ransomware at Least OnceFortinet’s Derek Manky discusses a recent global survey showing that two-thirds of organizations suffered at least one ransomware attack, while half were hit multiple times.
Employee offboarding: Why companies must close a crucial gap in their security strategy
There are various ways a departing employee could put your organization at risk of a data breach. How do you offboard employees the right way and ensure your data remains safe?
The post Employee offboarding: Why companies must close a crucial gap in their security strategy appeared first on WeLiveSecurity
FreakOut Botnet Turns DVRs Into Monero CryptominersThe new Necro Python exploit targets Visual Tool DVRs used in surveillance systems.
Brizy WordPress Plugin Exploit Chains Allow Full Site TakeoversA stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc.
Cybersecurity Month: Defense Against Phishing Attacks
As an Official Champion of National Cyber Security Awareness Month (NCSAM), the Council will be sharing educational resources on payment security best practices on the PCI Perspectives blog, and through our Twitter (@PCISSC) and LinkedIn pages. The Council will align these resources with the four weekly themes outlined by the National Cyber Security Alliance:
How Coinbase Phishers Steal One-Time PasswordsA recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. It also shows that phishers are attempting to sign up for new Coinbase accounts by the millions as part of an effort to identify email addresses that are already associated with active accounts.
Mandating a Zero-Trust Approach for Software Supply ChainsSounil Yu, CISO at JupiterOne, discusses software bills of materials (SBOMs) and the need for a shift in thinking about securing software supply chains.
OpenSea ‘Free Gift’ NFTs Drain Cryptowallet BalancesCybercriminals exploited bugs in the world's largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users.
International cryptocurrency scam ring targets European dating app usersYou might lose your money as well as your heart.
Apple: Forcing app sideloading would turn iPhones into virus-prone 'pocket PCs'Apple says that sideloading would undermine the "privacy and security protections" of iPhones.
30 Mins or Less: Rapid Attacks Extort Orgs Without RansomwareThe previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.
Bugs allowing malicious NFT uploads uncovered in OpenSea marketplaceMalicious NFTs could have become an attack vector for hackers trying to steal digital wallet funds.
Don’t get phished! How to be the one that got away
If it looks like a duck, swims like a duck, and quacks like a duck, then it's probably a duck. Now, how do you apply the duck test to defense against phishing?
The post Don’t get phished! How to be the one that got away appeared first on WeLiveSecurity
Microsoft Kills Bug Being Exploited in MysterySnail Espionage CampaignMicrosoft's October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is a zero-day being used to deliver the MysterySnail RAT to Windows servers.
Patch Tuesday, October 2021 EditionMicrosoft today issued updates to plug more than 70 security holes in its Windows operating systems and other software, including one vulnerability that is already being exploited in active attacks. This month's Patch Tuesday also includes security fixes for the newly released Windows 11 operating system.
Windows Zero-Day Actively Exploited in Widespread Espionage CampaignThe cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers.
Office 365 Spy Campaign Targets US Military DefenseAn Iran-linked group is taking aim at makers of drones and satellites, Persian Gulf ports and maritime shipping companies, among others.
Paving the Way: Inspiring Women in Payments - A Podcast Featuring Adelia Castelino
As a female entrepreneur, Adelia Castelino credits much of her early success to the role models who inspired and supported her vision to create a small start-up business, which has since flourished into a successful global company. In this edition of our podcast, Adelia explains that to sustain more women in the dynamic world of payments, mentorships are an increasingly important way that women can nurture their talents while supporting other women in their industry.
Microsoft thwarts record‑breaking DDoS attack
The attack, which clocked in at 2.4 Tbps, targeted one of Azure customers based in Europe
The post Microsoft thwarts record‑breaking DDoS attack appeared first on WeLiveSecurity