Cybersecurity News
T-Mobile Investigating Claims of Massive Data Breach
Communications giant T-Mobile said today it is investigating the extent of a data breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer's mobile device.Critical Valve Bug Lets Gamers Add Unlimited Funds to Steam Wallets

XSS Bug in SEOPress WordPress Plugin Allows Site Takeover

100m T-Mobile Customer Records Purportedly Up for Sale

Amazon’s Plan to Track Worker Keystrokes: A Sign of Controls to Come?

Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware

SolarWinds 2.0 Could Ignite Financial Crisis – Podcast

Exchange Servers Under Active Attack via ProxyShell Bugs

New Anti Anti-Money Laundering Services for Crooks
Two new dark web services are marketing to cybercriminals who are curious to see how their various cryptocurrency holdings and transactions may be linked to known criminal activity. Dubbed "Antinalysis" and "AMLBot," the services purport to offer a glimpse into how one's payment activity might be flagged by law enforcement agencies and private companies that try to link suspicious cryptocurrency transactions to real people.WordPress Sites Abused in Aggah Spear-Phishing Campaign

Week in security with Tony Anscombe
How IISpy spies on its victims and stays under the radar – IISerpent tampers with search engine results – How to avoid falling prey to ransomware
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
UK security chiefs issue guidance after hackers target ministers on WhatsApp

Exclusive: civil service chief points to work to improve cybersecurity in response to Labour concerns
Ministers and civil servants conducting “government by WhatsApp” have been exposed to hackers, leading to new advice from security chiefs about how to improve their privacy.
The cabinet secretary, Simon Case, revealed that the Government Security Group had issued new guidance after Labour raised questions about ministers using their personal phones to conduct official business.
Related: UK government admits ministers can use self-deleting messages
Continue reading...Rogue Marketplace AlphaBay Reboots

Black Hat: Novel DNS Hack Spills Confidential Corp Data

Payment Security Experts Emphasize Working Together
The PCI SSC Latin American Forum, an online event took place this week with more than 1,100 payment security practitioners from Latin America discussing the latest in payment security and standards. Here we talk with Carlos Caetano, PCI Security Standards Council Associate Director, Latin American Region for Brazil, Elder Vinicius Telles de Arruda, Information Security Manager, Getnet; Enildo Barros, IT Services Head, C6 Bank and Ricardo Nilsen Moreno, Information Security Superintendent, Banco Safra about cloud security trends, highlights from the Latin American Forum (LAF) and industry involvement opportunities for the region.
AdLoad Malware 2021 Samples Skate Past Apple XProtect

Ransomware Payments Explode Amid ‘Quadruple Extortion’

QR Code Scammers Get Creative with Bitcoin ATMs

Microsoft Warns: Another Unpatched PrintNightmare Zero-Day

Examining threats to device security in the hybrid workplace
As employees split their time between office and off-site work, there’s a greater potential for company devices and data to fall into the wrong hands
The post Examining threats to device security in the hybrid workplace appeared first on WeLiveSecurity