Category: welivesecurity

Read the original article: Week in security with Tony Anscombe Why deleting your personal data from social media may be impossible – How do you reset your face after a data breach? – The perils of working from a hotel…

Read more →

Read the original article: Google adds password breach alerts to Chrome for Android, iOS The feature is part of the browser’s security improvements that were first built into its desktop version The post Google adds password breach alerts to Chrome…

Read more →

Read the original article: Working from a hotel? Beware the dangers of public Wi‑Fi As more and more hotels are turning rooms into offices, the FBI is warning remote workers of cyber-threats lurking in the shadows The post Working from…

Read more →

Read the original article: Had your face stolen lately? It’s easy to reset your password or PIN after a data breach. But reset your face? Not so much. The post Had your face stolen lately? appeared first on WeLiveSecurity  …

Read more →

Read the original article: US gov’t warns against paying off ransomware attackers Companies facilitating ransomware payments run the risk of facing stern penalties for violating US regulations The post US gov’t warns against paying off ransomware attackers appeared first on…

Read more →

Read the original article: 5 steps to secure your connected devices As we steadily adopt smart devices into our lives, we shouldn’t forget about keeping them secured and our data protected The post 5 steps to secure your connected devices…

Read more →

Read the original article: FBI, CISA warn of disinformation campaigns about hacked voting systems Threat actors may spread false claims about compromised voting systems in order to undermine confidence in the electoral process The post FBI, CISA warn of disinformation…

Read more →

Read the original article: 5 tips for better Google Drive security As cloud storage solutions are becoming more and more popular, we look at several simple steps you can take to secure your files on Google Drive The post 5…

Read more →

Read the original article: Week in security with Tony Anscombe Bug let hijack Firefox browsers on other phones over Wi-Fi – NIST’s new tool to help firms understand why staff fall for phishing – Almost 200 arrested in dark web…

Read more →

Read the original article: Ray‑Ban parent company reportedly suffers major ransomware attack There is no evidence that cybercriminals were also able to steal customer data The post Ray‑Ban parent company reportedly suffers major ransomware attack appeared first on WeLiveSecurity  …

Read more →

Read the original article: 179 arrested in massive dark web bust The sting is said to be the US Government’s largest operation targeting crime in the internet’s seedy underbelly The post 179 arrested in massive dark web bust appeared first…

Read more →

Read the original article: New tool helps companies assess why employees click on phishing emails NIST’s new tool can help organizations improve the testing of their employees’ phish-spotting prowess The post New tool helps companies assess why employees click on…

Read more →

Read the original article: Mozilla fixes flaw that let attackers hijack Firefox for Android via Wi‑Fi Attackers could have exploited the flaw to steal victims’ login credentials or install malware on their devices The post Mozilla fixes flaw that let…

Read more →

Read the original article: 5 ways cybercriminals can try to extort you What are some common strategies cybercriminals employ in extortion schemes and how can you mitigate the chances of falling victim to a cyber-shakedown? The post 5 ways cybercriminals…

Read more →

Read the original article: Week in security with Tony Anscombe Zoom now supports two-factor authentication. A cyber attack, which affected 14 inboxes belonging to Quebec’s Department of Justice, was confirmed by ESET researchers. The post Week in security with Tony…

Read more →

Read the original article: Plugging in a strange USB drive – What could possibly go wrong? While wanting to return a found USB flash drive is commendable, you should avoid taking unnecessary risks, lest your device get infested and your…

Read more →

Read the original article: Sports data for ransom – it’s not all just fun and games anymore Sports and training data are more sophisticated and affordable than ever. With the democratization of (sports) performance data, are your personal information safe?…

Read more →

Read the original article: Emotet strikes Quebec’s Department of Justice: An ESET Analysis The cyber attack affects 14 inboxes belonging to the Department of Justice was confirmed by ESET researchers.  The post Emotet strikes Quebec’s Department of Justice: An ESET Analysis appeared first on WeLiveSecurity  …

Read more →

Read the original article: Zoom makes 2FA available for all its users Zoom now supports phone calls, text messages and authentication apps as forms of two-factor authentication   The post Zoom makes 2FA available for all its users appeared first on…

Read more →

Read the original article: Week in security with Tony Anscombe ESET researchers have discovered and analyzed CDRThief, a malware that targets Voice over IP (VoIP) softswitches. Righard Zwienenberg deep in the lead-offering business and invites us to take steps to…

Read more →

Read the original article: Who is calling? CDRThief targets Linux VoIP softswitches ESET researchers have discovered and analyzed malware that targets Voice over IP (VoIP) softswitches. The post Who is calling? CDRThief targets Linux VoIP softswitches appeared first on WeLiveSecurity…

Read more →

Read the original article: Portland passes the strictest facial recognition technology ban in the US yet Oregon’s largest city aims to be a trailblazer when it comes to facial recognition legislation . The post Portland passes the strictest facial recognition technology ban in the US yet  appeared first on…

Read more →

Read the original article: UK University suffers cyberattack, ransomware gang claims responsibility The cyber incident has taken most of Newcastle University’s systems offline and officials estimates it will take weeks to recover.  The post UK University suffers cyberattack, ransomware gang…

Read more →

Read the original article: Lead‑offering business booming as usual! …but there are no conferences or exhibitions??? The post Lead‑offering business booming as usual! appeared first on WeLiveSecurity   Advertise on IT Security News. Read the original article: Lead‑offering business booming…

Read more →

Read the original article: TikTok Family Pairing: Curate your children’s content and more With TikTok being all the rage especially with teens, we look at a feature that gives parents greater control over how their children interact with the app…

Read more →

Read the original article: Week in security with Tony Anscombe ESET research dissects KryptoCibule malware family – Why close unused accounts rather than just remove apps – Microsoft’s new deepfake detector The post Week in security with Tony Anscombe appeared…

Read more →

Read the original article: Houseparty – should I stay or should I go now? What’s the benefit of deleting your Houseparty – or any other unused – account, rather than just uninstalling the app? The post Houseparty – should I…

Read more →

Read the original article: Microsoft debuts deepfake detection tool As the US presidential election nears, the company’s new tech should also help assure people that an image or video is authentic The post Microsoft debuts deepfake detection tool appeared first…

Read more →

Read the original article: KryptoCibule: The multitasking multicurrency cryptostealer ESET researchers analyze a previously undocumented trojan that is spread via malicious torrents and uses multiple tricks to squeeze as many cryptocoins as possible from its victims while staying under the…

Read more →

Read the original article: Norway’s parliament struck by hackers Unknown threat actors were able to exfiltrate information from the email accounts of several parliamentarians The post Norway’s parliament struck by hackers appeared first on WeLiveSecurity   Advertise on IT Security…

Read more →

Read the original article: Security flaw allows bypassing PIN verification on Visa contactless payments The vulnerability could allow criminals to rack up fraudulent charges on the cards without needing to know the PINs The post Security flaw allows bypassing PIN…

Read more →

Read the original article: Week in security with Tony Anscombe Canada’s government services hit by cyberattacks – Vishing attacks surge amid COVID-19 pandemic – DDoS extortionists strike again The post Week in security with Tony Anscombe appeared first on WeLiveSecurity…

Read more →

Read the original article: DDoS extortion campaign targets financial firms, retailers The extortionists attempt to scare the targets into paying by claiming to represent some of the world’s most notorious APT groups The post DDoS extortion campaign targets financial firms,…

Read more →

Read the original article: New Chrome, Firefox versions fix security bugs, bring productivity features Chrome gets a new way of managing tabs while Firefox now features a new add-ons blocklist The post New Chrome, Firefox versions fix security bugs, bring…

Read more →

Read the original article: FBI, CISA warn of spike in vishing attacks Cybercriminals increasingly take aim at teleworkers, setting up malicious duplicates of companies’ internal VPN login pages The post FBI, CISA warn of spike in vishing attacks appeared first…

Read more →

Read the original article: How to secure your TikTok account From keeping your account safe to curating who can view your liked content, we look at how you can increase your security and privacy on TikTok The post How to…

Read more →

Read the original article: Cyber attacks: Several Canadian government services disrupted Several services from the Canadian government, including the national revenue agency, had to be shut down following a series of credential stuffing cyberattacks. The post Cyber attacks: Several Canadian…

Read more →

Read the original article: Grandoreiro banking trojan impersonates Spain’s tax agency Beware the tax bogeyman – there are tax scams aplenty The post Grandoreiro banking trojan impersonates Spain’s tax agency appeared first on WeLiveSecurity   Advertise on IT Security News.…

Read more →

Read the original article: Week in security with Tony Anscombe This week, ESET researchers analyze fraud emails from the infamous Grandoreiro banking Trojan, impersonating the Agencia Tributaria, Spain’s tax agency. Our security expert Jake Moore demonstrates how easily it is to…

Read more →

Read the original article: How to prepare and protect your digital legacy It’s never too soon to plan for what will happen to your digital presence after you pass away The post How to prepare and protect your digital legacy…

Read more →

Read the original article: Ritz London clients scammed after apparent data breach Armed with personal data stolen from the hotel’s dining reservation system, fraudsters trick guests into handing over their credit card details The post Ritz London clients scammed after…

Read more →

Read the original article: Attack of the Instagram clones Could your social media account be spoofed, why would anybody do it, and what can you do to avoid having a doppelgänger? The post Attack of the Instagram clones appeared first…

Read more →

Read the original article: Google will test new feature in Chrome to curb phishing The web browser will only display domain names as a way to help people recognize impostor websites The post Google will test new feature in Chrome…

Read more →

Read the original article: Week in security with Tony Anscombe A deep dive into Mekotio – The financial fallout from data breaches – Fixing election security issues The post Week in security with Tony Anscombe appeared first on WeLiveSecurity  …

Read more →

Read the original article: Mekotio: These aren’t the security updates you’re looking for… Another in our occasional series demystifying Latin American banking trojans The post Mekotio: These aren’t the security updates you’re looking for… appeared first on WeLiveSecurity   Advertise…

Read more →

Read the original article: What is the cost of a data breach? The price tag is higher if the incident exposed customer data or if it was the result of a malicious attack, an annual IBM study finds The post…

Read more →

Read the original article: Twitter working to fix issue with 2FA feature An apparent glitch is preventing a number of users from signing into their accounts The post Twitter working to fix issue with 2FA feature appeared first on WeLiveSecurity…

Read more →

Read the original article: Black Hat 2020: Fixing voting – boiling the ocean? With the big voting day rapidly approaching, can the security of the election still be shored up? If so, how? The post Black Hat 2020: Fixing voting – boiling…

Read more →

Read the original article: Small and medium‑sized businesses: Big targets for ransomware attacks Why are SMBs a target for ransomware-wielding gangs and what can they do to protect themselves against cyber-extortion? The post Small and medium‑sized businesses: Big targets for…

Read more →

Read the original article: Stadeo: Deobfuscating Stantinko and more We introduce Stadeo – a set of scripts that can help fellow threat researchers and reverse engineers to deobfuscate the code of Stantinko and other malware The post Stadeo: Deobfuscating Stantinko…

Read more →

Read the original article: Week in security with Tony Anscombe ESET highlights new research at Black Hat 2020 – What to if your data was stolen in the Blackbaud breach The post Week in security with Tony Anscombe appeared first…

Read more →

Read the original article: Blackbaud data breach: What you should know Here’s what to be aware of if your personal data was compromised in the breach at the cloud software provider The post Blackbaud data breach: What you should know appeared first…

Read more →

Read the original article: Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping At Black Hat USA 2020, ESET researchers delved into details about the KrØØk vulnerability in Wi-Fi chips and revealed that similar bugs affect more chip brands than…

Read more →

Read the original article: NSA shares advice on how to limit location tracking The intelligence agency warns of location tracking risks and offers tips for how to reduce the amount of data shared The post NSA shares advice on how…

Read more →

Read the original article: FBI warns of surge in online shopping scams In one scheme, shoppers ordering gadgets or gym equipment are in for a rude surprise – they receive disposable face masks instead The post FBI warns of surge…

Read more →

Read the original article: How much is your personal data worth on the dark web? The going prices are likely lower than you’d think – your credit card details, for example, can go for a few bucks The post How…

Read more →

Read the original article: Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface The post Thunderspy attacks:…

Read more →

Read the original article: 10 billion records exposed in unsecured databases, study says The databases contain personal information that could be used for phishing attacks and identity theft schemes The post 10 billion records exposed in unsecured databases, study says…

Read more →

Read the original article: Twitter breach: Staff tricked by ‘phone spear phishing’ The attackers exploited the human factor to gain access to Twitter’s internal systems and the accounts of some of the world’s most prominent figures The post Twitter breach:…

Read more →

Read the original article: Week in security with Tony Anscombe New ESET Threat Report is out – Defending against Thunderspy attacks – Thousands of databases wiped in Meow attacks The post Week in security with Tony Anscombe appeared first on…

Read more →

Read the original article: ESET Threat Report Q2 2020 A view of the Q2 2020 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts The post ESET Threat Report Q2 2020…

Read more →

Read the original article: FBI warns of disruptive DDoS amplification attacks The Bureau expects cybercriminals to increasingly abuse new threat vectors for large-scale DDoS attacks The post FBI warns of disruptive DDoS amplification attacks appeared first on WeLiveSecurity   Advertise…

Read more →

Read the original article: Almost 4,000 databases now wiped in ‘Meow’ attacks The attackers and their motivations remain unknown; however, the incidents yet again highlight the risks of careless data security The post Almost 4,000 databases now wiped in ‘Meow’…

Read more →

Read the original article: Premier League team narrowly avoids losing £1 million to scammers In another incident, ransomware attackers almost forced the cancellation of a match, a report reveals The post Premier League team narrowly avoids losing £1 million to scammers appeared…

Read more →

Read the original article: Week in security with Tony Anscombe VPN services accused of leaking personal data – Better security in Gmail, Meet and Chat – Data breach reports in 1H2020 The post Week in security with Tony Anscombe appeared…

Read more →

Read the original article: Google adds security enhancements to Gmail, Meet and Chat The tech giant introduces its own version of verified accounts in Gmail, rolls out increased moderation controls in Meet, and enhances phishing protection in Chat The post…

Read more →

Read the original article: Privacy watchdogs urge videoconferencing services to boost privacy protections The open letter highlights five security and privacy principles that require heightened attention from videoconferencing services The post Privacy watchdogs urge videoconferencing services to boost privacy protections…

Read more →

Read the original article: Argentine telecom company hit by major ransomware attack Telecom Argentina says it has contained the attack and regained access to its systems without paying up The post Argentine telecom company hit by major ransomware attack appeared…

Read more →

Read the original article: Data breach reports down by one‑third in first half of 2020 The Identity Theft Resource Center doesn’t expect the trend to last, however The post Data breach reports down by one‑third in first half of 2020…

Read more →

Read the original article: 7 VPN services leaked data of over 20 million users, says report A report calls into question the providers’ security practices and dismisses their claims of being no-log VPN services The post 7 VPN services leaked…

Read more →

Read the original article: Week in security with Tony Anscombe Trojanized cryptocurrency trading apps targeting Mac users – An Android chat app turns out to be spyware – Twitter sustains a massive hack The post Week in security with Tony…

Read more →

Read the original article: Mac cryptocurrency trading application rebranded, bundled with malware ESET researchers lure GMERA malware operators to remotely control their Mac honeypots The post Mac cryptocurrency trading application rebranded, bundled with malware appeared first on WeLiveSecurity   Advertise…

Read more →

Read the original article: High‑profile Twitter accounts hacked to promote Bitcoin scam Tech titans and prominent politicians among victims of a sprawling hack that Twitter says leveraged its internal tools The post High‑profile Twitter accounts hacked to promote Bitcoin scam…

Read more →

Read the original article: Mobile security threats amid COVID‑19 and beyond: A Q&A with Lukas Stefanko ESET malware researcher Lukas Stefanko gives us a peek behind the scenes of his analysis of CryCryptor ransomware and puts the threat into a broader context…

Read more →

Read the original article: Details of 142 million MGM hotel guests selling for US$2,900 It appears that the July 2019 breach at MGM Resorts affected far more people than initially thought The post Details of 142 million MGM hotel guests…

Read more →

Read the original article: Microsoft patches critical, wormable flaw in Windows DNS Server The company urges organizations to waste no time in installing updates to fix the vulnerability that rates a ‘perfect’ 10 on the severity scale The post Microsoft…

Read more →

Read the original article: Welcome Chat as a secure messaging app? Nothing could be further from the truth ESET research uncovers a malicious operation that both spies on victims and leaks their data The post Welcome Chat as a secure…

Read more →

Read the original article: Zoom patches zero‑day flaw in Windows client The vulnerability exposed Zoom users running Windows 7 or earlier OS versions to remote attacks The post Zoom patches zero‑day flaw in Windows client appeared first on WeLiveSecurity  …

Read more →

Read the original article: Week in security with Tony Anscombe Up close with the Evilnum group and its eponymous malware – A severe flaw in networking gear – Router firmware under the microscope The post Week in security with Tony…

Read more →

Read the original article: More evil: A deep look at Evilnum and its toolset ESET research gives a detailed picture of the operations of the Evilnum group and its toolkit deployed in attacks against carefully chosen targets in the fintech…

Read more →

Read the original article: Billions of stolen passwords for sale on the dark web While logins to music and video streaming services sell for less than ten dollars each, domain admin access is being offered for US$120,000 The post Billions…

Read more →

Read the original article: Popular home routers plagued by critical security flaws A study paints a dim picture of router security, as none of the 127 devices tested was free of severe vulnerabilities The post Popular home routers plagued by…

Read more →

Read the original article: Fed shares insight on how to combat synthetic identity fraud The Federal Reserve looks at ways to counter what is thought to be the fastest-growing type of financial crime in the country The post Fed shares…

Read more →

Read the original article: Raising children in the social media limelight? Pause before you post How (over)sharing your children’s triumphs and antics with the world may impact their immediate and distant future – and how to reduce the risks of…

Read more →

Read the original article: Attackers target critical flaw in popular networking gear The vulnerability, which received the highest possible severity score, leaves thousands of devices at risk of being taken over by remote attackers. A patch is available. The post…

Read more →

Read the original article: The Fed shares insight on how to combat synthetic identity fraud The Federal Reserve looks at ways to counter what is thought to be the fastest-growing type of financial crime in the country The post The…

Read more →

Read the original article: Hundreds arrested after police crack encrypted chat network European police infiltrate EncroChat, go on to crack down on crime kingpins and seize guns, drugs, cars and millions in cash The post Hundreds arrested after police crack…

Read more →

Read the original article: Week in security with Tony Anscombe Brute-force attacks against RDP surge – Is contact tracing the answer to ending the COVID-19 crisis? – Microsoft ships urgent security updates The post Week in security with Tony Anscombe…

Read more →

Read the original article: Thousands of MongoDB databases ransacked, held for ransom The cybercriminal behind the ransom raids on almost 23,000 databases threatens to leak the data and alert GDPR regulators The post Thousands of MongoDB databases ransacked, held for…

Read more →

Read the original article: Microsoft releases emergency update to fix two serious Windows flaws The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical The post Microsoft releases emergency update to…

Read more →

Read the original article: COVID‑19 contact tracing – technology panacea or privacy nightmare? Can a technological intervention stem the pandemic while avoiding the privacy pitfalls of location tracking? The post COVID‑19 contact tracing – technology panacea or privacy nightmare? appeared…

Read more →

Read the original article: Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game Poorly secured remote access attracts mostly ransomware gangs, but can provide access to coin miners and backdoors too The post Remote access at risk:…

Read more →

Read the original article: What is a password manager and why is it useful? A password manager can make your digital life both simpler and more secure. Are there any downsides to relying on software to create and store your…

Read more →

Read the original article: Week in security with Tony Anscombe Android ransomware posing as a COVID-19 tracing app – Ill-trained and ill-equipped newly-minted remote workers – How Bitcoin giveaway scams misuse Elon Musk’s name The post Week in security with…

Read more →

Read the original article: Facial recognition technology banned in another US city In a move lauded by privacy advocates, Boston joins the ranks of cities that have voted down the municipal use of the technology The post Facial recognition technology…

Read more →

Read the original article: Majority of new remote employees use their personal laptops for work And many of them didn’t receive any new security training or tools from their employer to properly secure the devices, a study finds The post…

Read more →

Read the original article: New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor ESET researchers dissect an Android app that masquerades as an official COVID-19 contact-tracing app and encrypts files on the victim’s device The post New…

Read more →

Read the original article: Scam uses Elon Musk’s name to trick people out of US$2 million in bitcoin The giveaway scheme uses the tech titan’s name as part of Bitcoin addresses for extra credibility The post Scam uses Elon Musk’s…

Read more →

Read the original article: Cyberbullying: Adults can be victims too Cyberbullying can happen to anyone, at any time – and at any age. How can adults deal with various forms of online abuse and harassment? The post Cyberbullying: Adults can…

Read more →

Read the original article: Week in security with Tony Anscombe This week, ESET researchers released their findings about Operation In(ter)ception, a campaign that leveraged LinkedIn-based spearphishing and took aim at aerospace and military companies in Europe and the Middle East…

Read more →