Ransomware cost US companies almost $21 billion in downtime in 2020
The victims lost an average of nine days to downtime and two-and-a-half months to investigations, an analysis of disclosed attacks shows
The post Ransomware cost US companies almost $21 billion in downtime in 2020 appeared first on WeLiveSecurity
Incident Response: 5 Principles to Boost the Infosec/Legal RelationshipEffective cyber-incident response means working well with legal. Matt Dunn, associate managing director for cyber-risk at Kroll, lays out how to do it.
FontOnLake malware strikes Linux systems in targeted attacksThe malware is accompanied by a rootkit to sink its claws firmly into vulnerable machines.
FBI arrests engineer for flogging nuclear warship data hidden in peanut butter sandwichA husband and wife team tried to sell critical information on US submarine nuclear reactors.
NSO Pegasus spyware can no longer target UK phone numbers
Israeli maker of surveillance software blocked +44 code after detecting hack against Princess Haya, source says
The powerful spyware used to hack into mobile phones belonging to Princess Haya and her divorce lawyer Fiona Shackleton is no longer effective against UK numbers, sources familiar with the software’s developer have said.
NSO Group, the Israeli maker of the Pegasus surveillance tool, implemented a change preventing client countries from targeting +44 numbers, the sources said, after it became aware of the British hacking scandal on 5 August last year.Continue reading...
Week in security with Tony Anscombe
ESET research discovers ESPecter bootkit – FontOnLake targeting Linux – Fake SafeMoon app update
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
BrewDog exposed data of 200,000 shareholders for over a yearThe beer's on BrewDog, too.
Navy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ GamingThe destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications.
Twitch Leak Included Emails, Passwords in Clear Text: ResearcherA researcher combed through the Twitch leak and found what they said was evidence of PayPal chargebacks with names and emails; employees' emails; and more.
Cybersecurity Month: Be Cyber Smart
As an Official Champion of National Cyber Security Awareness Month (NCSAM), the Council will be sharing educational resources on payment security best practices on the PCI Perspectives blog, and through our Twitter (@PCISSC) and LinkedIn pages. The Council will align these resources with the four weekly themes outlined by the National Cyber Security Alliance:
4 Key Questions for Zero-Trust SuccessAnurag Kahol, CTO & co-founder at Bitglass, offers tips for avoiding implementation pitfalls for zero trust.
No honor among thieves: One in five targets of FIN12 hacking group is in healthcareThe group strikes big game targets with annual revenues of over $6 billion.
FontOnLake: Previously unknown malware family targeting Linux
ESET researchers discover a malware family with tools that show signs they’re used in targeted attacks
The post FontOnLake: Previously unknown malware family targeting Linux appeared first on WeLiveSecurity
Former Kent police officer sentenced for downloading child sex abuse materialThe disgraced officer has avoided jail.
Canopy Parental Control App Wide Open to Unpatched XSS BugsThe possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users.
VMware ESXi Servers Encrypted by Lightning-Fast Python ScriptThe little snippet of Python code strikes fast and nasty, taking less than three hours to complete a ransomware attack from initial breach to encryption.
ESPecter Bootkit Malware Haunts Victims with Persistent EspionageThe rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager.
Becoming a new chief information security officer today: The steps for successIt's no easy ride -- but here are some tips from an experienced CISO.
Google to turn on 2FA by default for 150 million users, 2 million YouTubers
Two-factor authentication is a simple way to greatly enhance the security of your account
The post Google to turn on 2FA by default for 150 million users, 2 million YouTubers appeared first on WeLiveSecurity