Cybersecurity News
Global police shut down VPN service favored by cybercriminals
A global operation takes down the infrastructure of DoubleVPN and seizes data about its customers
The post Global police shut down VPN service favored by cybercriminals appeared first on WeLiveSecurity
Intl. Law Enforcement Operation Takes Down DoubleVPN
The VPN service allegedly provided a means for cybercriminals to target their victims, Europol officials report.3 Things Every CISO Wishes You Understood
Ensuring the CISO's voice is heard by the board will make security top of mind for the business, its employees, and their customers.7 Skills the Transportation Sector Needs to Fuel Its Security Teams
Without a top-notch team to stop attackers, our favorite modes of transportation could come to a screeching halt.
Why MTTR is Bad for SecOps
Kerry Matre, senior director at Mandiant, discusses the appropriate metrics to use to measure SOC and analyst performance, and how MTTR leads to bad behavior.
Zero-Day Used to Wipe My Book Live Devices
Threat actors may have been duking it out for control of the compromised devices, first using a 2018 RCE, then password-protecting a new vulnerability.
PoC Exploit Circulating for Critical Windows Print Spooler Bug
The "PrintNightmare" bug may not be fully patched, some experts are warning, leaving the door open for widespread remote code execution attacks.
Is Compliance-Only Security Giving Cybercriminals Your Security Playbook?
Compliance-only security strategies aren't working. CISOs should squarely focus on being secure while achieving compliance.9 Hot Trends in Cybersecurity Mergers & Acquisitions
Security experts share their observations of the past year in cybersecurity M&A, highlighting key trends and notable deals.
Feds Told to Better Manage Facial Recognition, Amid Privacy Concerns
A GAO report finds government agencies are using the technology regularly in criminal investigations and to identify travelers, but need stricter management to protect people’s privacy and avoid inaccurate identification
Common Facebook scams and how to avoid them
Are you on Facebook? So are scammers. Here are some of the most common con jobs on Facebook you should watch out for and how you can tell if you’re being scammed.
The post Common Facebook scams and how to avoid them appeared first on WeLiveSecurity
Google Updates Vulnerability Data Format to Support Automation
The Open Source Vulnerability schema supports automated vulnerability handling in Go, Rust, Python, and Distributed Weakness Filing system, and it could be the favored format for future exporting of data.Ransomware Losses Drive Up Cyber-Insurance Costs
Premiums have gone up by 7% on average for small firms and between 10% and 40% for medium and large businesses.Users Clueless About Cybersecurity Risks: Study
The return to offices, coupled with uninformed users (including IT pros) has teed up an unprecedented risk of enterprise attack.
CISA Publishes Catalog of Poor Security Practices
Organizations often focus on promoting best practices, CISA says, but stopping poor security practices is equally important.Survey Data Reveals Gap in Americans' Security Awareness
Survey data reveals many people have never heard of major cyberattacks, including the attack targeting Colonial Pipeline.Technology's Complexity and Opacity Threaten Critical Infrastructure Security
Addressing the complexity of modern distributed software development is one of the most important things we can do to decrease supply chain risk.Microsoft Translation Bugs Open Edge Browser to Trivial UXSS Attacks
The bug in Edge's auto-translate could have let remote attackers pull off RCE on any foreign-language website just by sending a message with an XSS payload.
Data for 700 million LinkedIn users up for grabs on hacker forum
Information scraped from LinkedIn user profiles includes full names, gender, email addresses and phone numbers
The post Data for 700 million LinkedIn users up for grabs on hacker forum appeared first on WeLiveSecurity
For UK foreign secretary, simply having a mobile represents a security risk – analysis
Analysis: UK prides itself on GCHQ’s cyber capability – so availability of Raab’s number will have been embarrassing for him
Finding Dominic Raab’s mobile phone online is more than just embarrassing for the foreign secretary: it also represents a security risk, just as when it emerged Boris Johnson’s number could be easily found online in April.
Sophisticated spyware technology – of the type available to a rapidly growing number of governments outside the west – can, in some circumstances, be secretly inserted into a person’s phone without any interaction from the target.
Related: Dominic Raab’s mobile number freely available online for last decade
Related: Dominic Raab bodyguard suspended after gun reportedly left on plane
Continue reading...