Cybersecurity News


‘Lives are at stake’: hacking of US hospitals highlights deadly risk of ransomware

‘Lives are at stake’: hacking of US hospitals highlights deadly risk of ransomware

The number of ransomware attacks on US healthcare organizations increased 94% from 2021 to 2022, according to one report

Last week, the US government warned that hospitals across the US have been targeted by an aggressive ransomware campaign originating from North Korea since 2021.

Ransomware hacks, in which attackers encrypt computer networks and demand payment to make them functional again, have been a growing concern for both the private and public sector since the 90s. But they can be particularly devastating in the healthcare industry, where even minutes of down time can have deadly consequences, and have become ominously frequent.

Continue reading...
14 July 2022

API security moves mainstream

The heavyweights are now moving into API security, cementing it as “A Thing”

The post API security moves mainstream appeared first on WeLiveSecurity

14 July 2022

Just Updated: Key Blocks Information Supplement 


The PIN Security Requirement 18-3 Key Blocks Information Supplement provides a series of FAQs to help PIN acquiring entities with implementation of key blocks in accordance with requirement 18-3 in the PCI PIN Security Requirements v3.1.

13 July 2022

Large-Scale Phishing Campaign Bypasses MFA

Large-Scale Phishing Campaign Bypasses MFA Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets.
13 July 2022

Collaboration and knowledge sharing key to progress in cybersecurity

In a world of ever-evolving cyberthreats, collaboration and knowledge exchange are vital for keeping an edge on attackers

The post Collaboration and knowledge sharing key to progress in cybersecurity appeared first on WeLiveSecurity

13 July 2022

Microsoft Patch Tuesday, July 2022 Edition

Microsoft today released updates to fix at least 86 security vulnerabilities in its Windows operating systems and other software, including a weakness in all supported versions of Windows that Microsoft warns is actively being exploited. The software giant also has made a controversial decision to put the brakes on a plan to block macros in Office documents downloaded from the Internet.
12 July 2022

How War Impacts Cyber Insurance

How War Impacts Cyber Insurance Chris Hallenbeck, CISO for the Americas at Tanium, discusses the impact of geopolitical conflict on the cybersecurity insurance market.
12 July 2022

‘Callback’ Phishing Campaign Impersonates Security Firms

‘Callback’ Phishing Campaign Impersonates Security Firms Victims instructed to make a phone call that will direct them to a link for downloading malware.
12 July 2022

Play it safe: 5 reasons not to download pirated games

It’s all fun and games until you get hacked – and this is just one risk of downloading cracked games

The post Play it safe: 5 reasons not to download pirated games appeared first on WeLiveSecurity

12 July 2022

Rethinking Vulnerability Management in a Heightened Threat Landscape

Rethinking Vulnerability Management in a Heightened Threat Landscape Find out why a vital component of vulnerability management needs to be the capacity to prioritize from Mariano Nunez, CEO of Onapsis and Threatpost Infosec Insiders columnist.
11 July 2022

Popular NFT Marketplace Phished for $540M

Popular NFT Marketplace Phished for $540M In March, a North Korean APT siphoned blockchain gaming platform Axie Infinity of $540M.
11 July 2022

Unveiling the New PCI SSC Website


The PCI Security Standards Council is pleased to announce the completion of the first phase of our newly redesigned website. The Council is committed to providing the latest payment security standards, training programs, certified listings, and educational resources to our global stakeholders- and the website is our primary channel to deliver this content. PCI SSC has prioritized feedback from the industry to improve the overall user experience. Visitors to our website will notice enhanced search functionality, improved navigation, and design changes which aid in making our site accessible to all.

11 July 2022

Experian, You Have Some Explaining to Do

Twice in the past month KrebsOnSecurity has heard from readers who've had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn't theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim's personal information and a different email address.
11 July 2022

Sneaky Orbit Malware Backdoors Linux Devices

Sneaky Orbit Malware Backdoors Linux Devices The novel threat steals data and can affect all processes running on the OS, stealing information from different commands and utilities and then storing it on the affected machine.
08 July 2022

Avoid travel digital disasters – Week in security with Tony Anscombe

Vacations are a great time to unwind, but if you're not careful, you may face a digital disaster. Here's how to keep your devices and data secure while you're on the move

The post Avoid travel digital disasters – Week in security with Tony Anscombe appeared first on WeLiveSecurity

08 July 2022

U.S. Healthcare Orgs Targeted with Maui Ransomware

U.S. Healthcare Orgs Targeted with Maui Ransomware State-sponsored actors are deploying the unique malware--which targets specific files and leaves no ransomware note--in ongoing attacks.
08 July 2022

Driving to France this summer? Watch out for scam websites before you go

Scammers don't take the summer off – be on your guard when buying your Crit'Air sticker

The post Driving to France this summer? Watch out for scam websites before you go appeared first on WeLiveSecurity

08 July 2022

How to keep your home secure when you travel

With travel stressful enough, you don't need the anxiety of wondering if your home is protected.
07 July 2022

Hack Allows Drone Takeover Via ‘ExpressLRS’ Protocol

Hack Allows Drone Takeover Via ‘ExpressLRS’ Protocol A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.
07 July 2022

Apple to launch ‘lockdown mode’ to protect against Pegasus-style hacks

Apple to launch ‘lockdown mode’ to protect against Pegasus-style hacks

Firm says function is intended for users who face ‘grave, targeted threats to their digital security’

Apple is launching a “lockdown mode” for its devices to protect people – including journalists and human rights activists – targeted by hacking attacks like those launched by government clients of NSO Group using its Pegasus spyware.

Apple will roll out the setting in the autumn and believes it would have prevented previously known spyware attacks by closing down technical avenues for digital espionage. It said the lockdown mode was intended for users who face “grave, targeted threats to their digital security”.

Continue reading...
06 July 2022