Cybersecurity News
Changing Employee Security Behavior Takes More Than Simple Awareness
Designing a behavioral change program requires an audit of existing security practices and where the sticking points are.
26 November 2020
SIM swap scam: What it is and how to protect yourself
Here’s what to know about attacks where a fraudster has your number, literally and otherwise
The post SIM swap scam: What it is and how to protect yourself appeared first on WeLiveSecurity
26 November 2020
Sophos notifies customers of data exposure after database misconfiguration
Exclusive: Company says that only a small subset of customers were impacted.26 November 2020
Xbox bug could have allowed hackers to link gamer tags with players' emails
The bug could have been exploited by playing around in a browser's developer console and editing a cookie field.25 November 2020
Security researcher accidentally discovers Windows 7 and Windows Server 2008 zero-day
The vulnerability was discovered while the security researcher was working on a Windows security tool.25 November 2020
Do You Know Who's Lurking in Your Cloud Environment?
A security researcher explains the dangers of poor visibility in the cloud and a new strategy to evaluate IAM exposure in Google Cloud Platform.25 November 2020
Look Beyond the 'Big 5' in Cyberattacks
Don't ignore cyber operations outside US and European interests, researcher says. We can learn a lot from methods used by attackers that aren't among the usual suspects.25 November 2020
Three members of TMT cybercrime group arrested in Nigeria
The TMT group has infected more than 50,000 organizations around the world with malware.25 November 2020
Major BEC Phishing Ring Cracked Open with 3 Arrests
Some 50,000 targeted victims have been identified so far in a massive, global scam enterprise that involves 26 different malwares.
25 November 2020
Critical MobileIron RCE Flaw Under Active Attack
Attackers are targeting the critical remote code-execution flaw to compromise systems in the healthcare, local government, logistics and legal sectors, among others.
25 November 2020
How to Update Your Remote Access Policy – And Why You Should Now
Reducing the risks of remote work starts with updating the access policies of yesterday.
25 November 2020
Prevention Is Better Than the Cure When Securing Cloud-Native Deployments
The "OODA loop" shows us how to secure cloud-native deployments and prevent breaches before they occur.
25 November 2020
Why Security Awareness Training Should Be Backed by Security by Design
Cybersecurity training needs an overhaul, though the training itself is only one small part of how security teams can influence user behavior.25 November 2020
Light-Based Attacks Expand in the Digital Home
The team that hacked Amazon Echo and other smart speakers using a laser pointer continue to investigate why MEMS microphones respond to sound.
25 November 2020
YouTube suspends OANN for allegedly peddling fake COVID-19 cures
If the outlet wants to monetize videos in the future, it must reapply to YouTube’s member program.25 November 2020
Home Depot agrees to $17.5 million settlement over 2014 data breach
The US retailer’s point-of-sale systems were infected with malware.25 November 2020
Latest Version of TrickBot Employs Clever New Obfuscation Trick
The malware takes advantage of how the Windows command line interpreter works to try and slip past anti-detection tools, Huntress Labs says.24 November 2020
Baidu Apps Leaked Location Data, Machine Learning Reveals
Several apps available on the Google Play Store, including two made by Chinese Internet giant Baidu, leaked information about the phone's hardware and location without the user's knowledge, research finds.24 November 2020
How Ransomware Defense is Evolving With Ransomware Attacks
As data exfiltration threats and bigger ransom requests become the norm, security professionals are advancing from the basic "keep good backups" advice.
24 November 2020
CISA Warns of Holiday Online Shopping Scams
The agency urges shoppers to be cautious of fraudulent websites, unsolicited emails, and unencrypted financial transactions.24 November 2020