Month: August 2017

WikiLeaks suffer defacement at the hands of OurMine group

Read full post WikiLeaks’ whistleblowing website suffered an attack from the group known as OurMine on Thursday The post WikiLeaks suffer defacement at the hands of OurMine group appeared first on WeLiveSecurity

/ August 31, 2017

Cyber News Rundown: Edition 9/1/17

Read full post IRS-Themed Ransomware Using Old-School Tactics Over the past week, researchers have discovered a new ransomware variant that attempts to impersonate both the IRS and the FBI, similar to the FBI lockscreen malware that was popular several years...

/ August 31, 2017

Using Market Pressures to Improve Cybersecurity

Read full post Post-MedSec, Chris Wysopal discusses what impact the investor community — if not consumers — can have on squashing vulnerabilities and improving cybersecurity.

/ August 31, 2017

A server hosting dozens of popular file converter sites has been hacked

Read full post The server hosting the sites had been “tampered with for months on end, without the server owner noticing it.”

/ August 31, 2017

New Facebook, Instagram Bugs Demonstrate Social Media Risk

Read full post Security flaws in Facebook Messenger and Instagram let hackers propagate attacks and steal personal data.

/ August 31, 2017

Verizon Report: Businesses Hit with Payment Card Breaches Not Fully PCI-Compliant

Read full post Companies struggle to maintain PCI compliance within a year of meeting it, according to a new payment security report by Verizon.

/ August 31, 2017

Pacemaker gets firmware update – go and see your doctor

Read full post There’s finally a firmware update for the 465,000 affected pacemakers to fix the potentially life-threatening flaws

/ August 31, 2017

Beware scammers phishing for disaster charity – or anything else

Read full post When disaster strikes, scammers rush to exploit the good hearts of people wanting to help – here’s what to look out for

/ August 31, 2017

International Firms Struggle to Adapt as China’s Cybersecurity Law Takes Shape

Read full post After the release of new guidelines on critical information infrastructure, international companies are still searching for clarity on how to comply with the country’s new cyber regime.

/ August 31, 2017

US Debit Card Compromises Up 39%: FICO

Read full post FICO reports an increase in the number of compromised debit cards, ATMs, and point-of-sale devices in the first six months of 2017.

/ August 31, 2017

Machine learning for malware: what could possibly go wrong?

Read full post Relying on labels can make or break machine learning-based malware analysis – here’s how to mitigate that

/ August 31, 2017

White Ops, Trade Desk partner to tackle ad fraud

Read full post The companies aim to block fraudulent ad impressions before they are purchased.

/ August 31, 2017

Phishing for Your Information: How Phishers Bait Their Hooks

Read full post A treasure trove of PII from social networks and the public Internet is there for the taking.

/ August 31, 2017

Is your email in the latest cache of 711 million pwnd addresses?

Read full post The huge cache of addresses was discovered on a server based in the Netherlands – and the researchers are trying to get it taken down

/ August 31, 2017

Google removes 300 Android apps following DDoS attack

Read full post Google has been forced to remove almost 300 apps from its Play Store after learning that apps were being hijacked for DDoS attacks. The post Google removes 300 Android apps following DDoS attack appeared first on WeLiveSecurity

/ August 31, 2017

People-rating app Sarahah slurps up contacts for feature that doesn’t exist

Read full post And why would an apparently anonymous app want to suck your contact details to show to other users anyway?

/ August 31, 2017

HackerOne aims to pay bug bounty hunters $100 million by 2020

Read full post The bug bounty platform predicts that 200,000 vulnerabilities will have been fixed by the same year.

/ August 31, 2017

More than 700 million email addresses leaked in huge data breach

Read full post Huge data breach sees more than 700 million email addresses and passwords leaked publicly thanks to a misconfigured spambot, dubbed ‘Onliner’. The post More than 700 million email addresses leaked in huge data breach appeared first on...

/ August 31, 2017

Essential apologizes for ‘humiliating’ customer data leak

Read full post The new smartphone firm managed to phish its own customers.

/ August 31, 2017

Surviving the IT Security Skills Shortage

Read full post Cybersecurity professionals are in high demand — and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!

/ August 30, 2017

Ransomware Is Going More Corporate, Less Consumer

Read full post Cybercriminals on average charge $544 for ransom per device, signaling a new sweet spot for payouts.

/ August 30, 2017

St. Jude Pacemaker Gets Firmware Update ‘Intended as a Recall’

Read full post The devices that were the subject of a vulnerability disclosure debate last summer now have an FDA-approved fix.

/ August 30, 2017

Execs Underestimate Risks to Oracle EBS

Read full post It’s another sign that ERP keeps getting short shrift on the security front.

/ August 30, 2017

Albanian domain registrar kicks Neo-Nazi site Daily Stormer offline

Read full post The site was booted offline by an Albanian domain host, after the neo-Nazi site briefly sought refuge.

/ August 30, 2017

Russian-Speaking Turla Group Uses New Tools to Target Embassies, Consulates

Read full post Turla cyber espionage gang has been around for a long time and appears to be back in action after a temporary lull.

/ August 30, 2017

‘Onliner’ Spambot Amassed Hundreds of Millions of Stolen Email Addresses

Read full post Massive spambot relying on stolen email addresses, credentials, and SMTP and port information to expand.

/ August 30, 2017

Office 365: A Vehicle for Internal Phishing Attacks

Read full post A new threat uses internal accounts to spread phishing attacks, making fraudulent emails even harder to detect.

/ August 30, 2017

News in brief: AI writes new GoT book; Google breaks out of the speaker; Cortana and Alexa hook up

Read full post Your daily round-up of some of the other stories in the news

/ August 30, 2017

Hacking the Security Job Application Process

Read full post Simple advice to help job seekers dig out of the black hole of recruiter and employer hiring portals.

/ August 30, 2017

7 Things to Know About Today’s DDoS Attacks

Read full post DDoS attacks are no longer something that just big companies in a few industries need to worry about. They have become a threat to every business.

/ August 30, 2017

Do Autonomous Cars Dream of Driverless Roads?

Read full post The connected car is coming… and with it a need for consistent innovation of network technologies – throughput, latency, coverage, and cost – to keep us safe.

/ August 30, 2017

iOS 11’s most underrated security feature? A password manager

Read full post The upcoming iOS 11 update means you’ll never have to remember your app password again.

/ August 30, 2017

Bitcoin users, the taxman wants to know what’s in your piggybank

Read full post The IRS is taking steps to de-anonymize Bitcoin investors – but how successful will those be?

/ August 30, 2017

Cloud Security Alliance Offers Metrics for Cyber Resiliency

Read full post As cyberattacks grow in scale and complexity, businesses need metrics and processes to measure threats and restore functionality.

/ August 30, 2017

How Hackers Hide Their Malware: Advanced Obfuscation

Read full post Hackers continue to develop new ways to break into systems. Here are three of them, along with ways to fight back.

/ August 30, 2017

Trump’s cybersecurity advisers quit warning of ‘insufficient attention’

Read full post Departing members leave Trump with a list of recommendations that look a lot like … a plan

/ August 30, 2017

New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies

Read full post Security researchers at ESET have released new research today into the activities of the notorious Turla cyberespionage group. The post New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies appeared first on WeLiveSecurity

/ August 30, 2017

‘House of Cards’ publisher exposes gigabytes of sensitive client files

Read full post A backup drive on the publisher’s network exposed gigabytes of sensitive client data — including unpublished books, invoices, details of royalty payments, and contracts.

/ August 30, 2017

The Active Directory Botnet

Read full post It’s a nightmare of an implementation error with no easy fix. Ty Miller and Paul Kalinin explain how and why an attacker could build an entire botnet inside your organization.

/ August 30, 2017

FDA issues recall of 465,000 St. Jude pacemakers to patch security holes

Read full post Heart patients will have to visit their doctors to have their pacemakers patched for the “voluntary” recall — but there are risks.

/ August 30, 2017