Month: April 2017

How much are you giving away to fraudsters on Facebook?

Read full post It takes only three pieces of personal information to steal your identity – here’s our guide to protecting yourself on Facebook

/ April 26, 2017

Meet Chris Vickery, the internet’s data breach hunter

Read full post His job is simple: Find leaked and exposed data before the bad guys do.

/ April 26, 2017

What Role Should ISPs Play in Cybersecurity?

Read full post There are many actions ISPs could do to make browsing the Web safer, but one thing stands out.

/ April 26, 2017

6 Steps to Find Your Next Dozen Cloud Security Experts

Read full post There’s stiff competition for cloud security experts, but finding yours may actually be easier than you think.

/ April 26, 2017

New Ad Fraud Campaign Uses Millions of Domain Names to Bilk Advertising Networks

Read full post NoTrove has established a huge infrastructure to make money through click redirection and scam traffic-brokering.

/ April 26, 2017

Locky Returns with a New (Borrowed) Distribution Method

Read full post A layered defense is a strong security posture for dealing with a threat like Locky, that can come in different disguises.

/ April 26, 2017

Scam calls: Can you hear me, mother?

Read full post David Harley discusses a scam that has been making the rounds where, it’s reported, cold-calling scammers ask the victim ‘Can you hear me?’. The post Scam calls: Can you hear me, mother? appeared first on WeLiveSecurity

/ April 26, 2017

Call Center Fraud Spiked 113% in 2016

Read full post Criminals are increasingly spoofing caller ID using VoIP apps including Skype or Google Voice to hide their identity and location, according to a report released today by Pindrop Labs.

/ April 26, 2017

Why ransomware continues to dominate conference agendas, despite being ‘old news’

Read full post While there are still victims of ransomware who feel they have no option but to pay up, we’ll continue to focus on it

/ April 26, 2017

More LastPass flaws: researcher pokes holes in 2FA

Read full post LastPass has been in the news again for another chink in its armour – though it has now been fixed, you’ll be glad to hear

/ April 26, 2017

Will cybercrime and other cybersecurity issues undermine the digital economy?

Read full post ESET’s Stephen Cobb looks at whether or not cybercrime and other cybersecurity issues will undermine the digital economy. The post Will cybercrime and other cybersecurity issues undermine the digital economy? appeared first on WeLiveSecurity

/ April 26, 2017

Web Attacks Decline, Ransomware Attacks Surge

Read full post Symantec’s annual Internet Security Report data shows how attacks last year directly targeted end users, and became more efficient and lucrative.

/ April 25, 2017

INTERPOL Operation Sweeps Up Thousands of Cybercrime Servers Used for Ransomware, DDoS, Spam

Read full post Massive public-private ‘cyber surge’ in Asia identifies hundreds of compromised websites in operation that spans multiple cybercriminal groups, activities.

/ April 25, 2017

Chinese, Russian Cyber Groups Research Shadow Brokers Malware

Read full post Cyber communities in China and Russia have started digging into the most recent release of malware from Shadow Brokers.

/ April 25, 2017

xDedic Marketplace Data Spells Danger for Businesses

Read full post The xDedic marketplace, a hotspot for cybercriminals on the dark web, sells access to RDP servers to enable attacks on government and corporations.

/ April 25, 2017

Why (& How) CISOs Should Talk to Company Boards

Read full post The C-Suite needs to minimize cybersecurity risk in order to maximize its principal goal of attaining high-level, sustainable growth.

/ April 25, 2017

Hyundai Blue Link Vulnerability Allows Remote Start of Cars

Read full post Car maker Hyundai patched a vulnerability in its Blue Link software, which could potentially allow attackers to remotely unlock a vehicle and start it.

/ April 25, 2017

Critical Service Announcement

Read full post On April 24, Webroot experienced a technical issue affecting some business and consumer customers. A folder that is a known target for malware was incorrectly classified as bad. Webroot was not breached.  Actual malicious files are being identified...

/ April 25, 2017

Healthcare CERT warns about ‘Mole’ ransomware – what you need to know

Read full post More ransomware: this one changes your flile extensions to .MOLE, thus the name.

/ April 25, 2017

IT-OT Convergence: Coming to an Industrial Plant Near You

Read full post There’s been a big divide between IT and OT, but that must end. Here’s how to make them come together.

/ April 25, 2017

4 Industries Account for Majority of Global Ransomware Attacks

Read full post When it comes to 77% of global ransomware attacks, these four industries take the greatest hit, according to a global threat trends report released today.

/ April 25, 2017

Russian ‘pioneer’ of identity theft and card fraud jailed for 27 years

Read full post Roman Seleznev, the son of a Russian MP, has received the longest ever sentence for hacking to be handed down in the US

/ April 25, 2017

Linux Shishiga malware using LUA scripts

Read full post The usage of the BitTorrent protocol and Lua modules separates Linux/Shishiga from other types of malware, according to analysis by ESET. The post Linux Shishiga malware using LUA scripts appeared first on WeLiveSecurity

/ April 25, 2017

Machine learning and math can’t trump smart attackers

Read full post Machine learning alone is not enough to protect endpoints and predicting an attacker’s next moves. Other security solutions and human input are needed. The post Machine learning and math can’t trump smart attackers appeared first on WeLiveSecurity

/ April 25, 2017

Cisco’s Jasper unit aims to extend from IoT management to smartphones, tablets

Read full post With the move Cisco is looking to enter the enterprise mobility management space, but will do it by selling directly to the carriers, which will then use the platform to deliver services via their own portals.

/ April 25, 2017

Pawn Storm targets fresh victims to sway public political opinion

Read full post The sophisticated attackers are putting more and more pressure on the military, governments, celebrities and media worldwide.

/ April 25, 2017

Trump’s promise on cybersecurity: what’s been happening?

Read full post Work behind the scenes suggests that an executive order on cybersecurity could be signed by the end of the week

/ April 25, 2017

Apple threatened to oust Uber from App Store for ‘fingerprinting’ iPhones

Read full post Questions remain over if and how Uber still tracks devices after chief exec Kalanick was summoned to Apple for a roasting

/ April 25, 2017

N-day Nvidia, Android driver security flaw details revealed

Read full post Zimperium has revealed the details of two N-day vulnerabilities submitted through its exploit acquisition scheme.

/ April 25, 2017

Webroot antivirus mistakenly flags Windows as malware, bricking PCs

Read full post Windows’ system files were flagged as malicious, and Facebook was marked as a phishing site.

/ April 24, 2017

Macron Targeted by Russian Cyber Spies

Read full post France’s leading presidential candidate Emmanuel Macron’s campaign reportedly is being targeted by hackers ties to Russia’s military intelligence arm GRU.

/ April 24, 2017

A Closer Look at CIA-Linked Malware as Search for Rogue Insider Begins

Read full post Symantec researcher explains the goals behind CIA-linked hacking tools, as the government launches an investigation to discover who gave secret documents to WikiLeaks.

/ April 24, 2017

Microsoft App Aims to Delete the Password

Read full post Microsoft has officially launched its Authenticator app designed to simplify and secure user logins, raising questions about the future of password-free authentication.

/ April 24, 2017

Top secret messages sent via Confide might not be so secret after all

Read full post Confide, an app used by some Washington insiders, denies claims in lawsuit that it doesn’t prevent screenshots on all platforms

/ April 24, 2017

IT Engineer Stole Source Code to Verify Acquisition

Read full post Zhengquan Zhang admitted to installing malware on his employer’s servers, which he did to research a potential acquisition.

/ April 24, 2017

The Road Less Traveled: Building a Career in Cyberthreat Intelligence

Read full post It’s hard to become a threat intelligence pro, but there are three primary ways of going about it.

/ April 24, 2017

LinkedIn app’s oversharing via Bluetooth sparks alarm

Read full post LinkedIn said it was working on a fix for the issue – but it’s always a good idea to keep an eye on what you might be sharing via Bluetooth

/ April 24, 2017

What happens when a vendor doesn’t patch its software?

Read full post Third-party ‘guerilla’ patching can be a good example of the community stepping up to fix flaws – but it could also compromise security

/ April 24, 2017