Fraudster jailed for stealing US military health records, millions in benefitsMilitary benefit fraud was the goal of a transnational criminal ring.
MFA Glitch Leads to 6K+ Coinbase Customers Getting RobbedCoinbase suspects phishing led to attackers getting personal details needed to access wallets but also blamed a flaw in its SMS-based 2FA.
3.1M Neiman Marcus Customer Card Details BreachedExperts say the detection delay of 17 months is a colossal security blunder by the retailer.
Week in security with Tony Anscombe
New ESET Threat Report is out – Cybersecurity Awareness Month begins today – What organizations should do to secure their VPNs
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Flubot Malware Targets Androids With Fake Security UpdatesThe banking trojan keeps switching up its lies, trying to fool Android users into clicking on a fake Flubot-deleting app or supposedly uploaded photos of recipients.
FCC Proposal Targets SIM Swapping, Port-Out FraudThe U.S. Federal Communications Commission (FCC) is asking for feedback on new proposed rules to crack down on SIM swapping and number port-out fraud, increasingly prevalent scams in which identity thieves hijack a target's mobile phone number and use that to wrest control over the victim's online identity.
New APT ChamelGang Targets Russian Energy, Aviation OrgsFirst appearing in March, the group has been leveraging ProxyShell against targets in 10 countries and employs a variety of malware to steal data from compromised networks.
Chief exec of cybersecurity Group-IB arrested on treason chargeGroup-IB maintains the CEO is innocent.
Android, Java bug bunting tool Mariana Trench goes open sourceMariana Trench originated as an internal Facebook tool.
October is Cybersecurity Awareness Month! Why being cyber‑smart matters
The campaign may last for a month, but we should remember that cybersecurity is a year-round affair
The post October is Cybersecurity Awareness Month! Why being cyber‑smart matters appeared first on WeLiveSecurity
Google Emergency Update Fixes Two Chrome Zero DaysThis is the second pair of zero days that Google's fixed this month, all four of which have been actively exploited in the wild.
Military’s RFID Tracking of Guns May Endanger TroopsRFID gun tags leave the military exposed to tracking, sniffing and spoofing attacks, experts say.
Tips & Tricks for Unmasking Ghoulish API BehaviorJason Kent, hacker-in-residence at Cequence Security, discusses how to track user-agent connections to mobile and desktop APIs, to spot malicious activity.
Hackers could force locked iPhones to make contactless payments
Flaws in Apple Pay and Visa could allow criminals to make arbitrary contactless payments – no authentication needed, research finds
The post Hackers could force locked iPhones to make contactless payments appeared first on WeLiveSecurity
Just Published: P2PE v3.1
Today, the PCI SSC published a minor revision to the PCI Point-to-Point Encryption (P2PE) ® Standard. We talk with Mike Thompson, Senior Manager of Emerging Standards and the Chair of the PCI Council’s P2PE Working Group, about some of these changes.
Proxy Phantom: Fraud rings flood online merchants with credential stuffing attacksOver 1.5 million stolen credential sets are being used by one fraud operation.
The Top Ransomware Threats Aren’t Who You ThinkMove over REvil, Ragnar Locker, BlackMatter, Conti et al: Three lesser-known gangs account for the vast majority of ransomware attacks in the U.S. and globally.
Fears surrounding Pegasus spyware prompt new Trojan campaignCriminals hope that the lure of a promise to protect you from spyware will make you click that link.
Thousands of University Wi-Fi Networks Expose Log-In CredentialsCertificate misconfigurations of the EAP protocol in Eduroam (and likely other networks globally) threaten Android and Windows users.
ESET Threat Report T2 2021
A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
The post ESET Threat Report T2 2021 appeared first on WeLiveSecurity