Sat.Apr 11, 2020 - Fri.Apr 17, 2020

article thumbnail

7 Ways COVID-19 Has Changed Our Online Lives

Dark Reading

The pandemic has driven more of our personal and work lives online - and for the bad guys, business is booming. Here's how you can protect yourself.

113
113
article thumbnail

Demand for Phishing Kits Is Strong: Report

Data Breach Today

Prices for Kits Soar; Ads Proliferate on Dark Net Markets Ads for phishing kits doubled last year on underground forums and dark net markets, with prices skyrocketing over 149 percent - an apparent indicator of strong demand, according to security firm Group-IB.

Phishing 165
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cybersecurity Prep for the 2020s

Dark Reading

The more things change, the more they stay the same. Much of the world is still behind on the basics.

article thumbnail

Welcoming the Icelandic Government to Have I Been Pwned

Troy Hunt

Hot on the heels of onboarding the USA government to Have I Been Pwned last month , I'm very happy to welcome another national government - Iceland! As of today, Iceland's National Computer Security Incident Response Team ( CERT-IS ), now has access to the full gamut of their gov domains for both on-demand querying and ongoing monitoring. As with the USA and Iceland, I expect to continue onboarding additional governments over the course of 2020 and expanding their access to meaningful data about

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Researchers: Fake Fingerprints Can Bypass Biometric Sensors

Data Breach Today

Study Shows Fingerprints Made With 3D Printer Can Fool Sensors, But Process Is Difficult Fake fingerprints created with a 3D printer can bypass biometric scanners to unlock smartphones, laptops and other devices under certain circumstances, according to a study from a Cisco Talos.

260
260

More Trending

article thumbnail

'5G Causes COVID-19' Conspiracy Theory: No Fix for Stupid

Data Breach Today

Suspected Arson Attacks on Transmitter Masts Disrupt Emergency Services As countries pursue national 5G rollouts, an unwanted security challenge has intensified: Some extremists have been vandalizing or even firebombing transmitter masts, driven by conspiracy theories suggesting not only that 5G poses a public health risk, but that it also helps cause COVID-19.

Risk 243
article thumbnail

Gmail blocked 18 Million phishing and malware emails using COVID-19 lures in a week

Security Affairs

Google says that the Gmail malware scanners have blocked around 18 million phishing and malware emails using COVID-19 lures in just one week. Google announced that its anti-malware solutions implemented to defend its Gmail users have blocked around 18 million phishing and malware emails using COVID-19 lures within the last seven days. The IT giant also announced to have blocked more than 240 million spam messages related to the ongoing COVID-19 pandemic.

Phishing 145
article thumbnail

Navigating the New Normal: Data Security is Squarely in the Hands of the C-Suite

Thales Cloud Protection & Licensing

The drastic changes we’re experiencing in our personal and professional lives would have been impossible to imagine just a year ago when we shared this blog about CEOs becoming more actively involved in data security conversations in the boardroom. Now, our new reality demands these questions are asked and answered by C-suite executives who must be certain about data security in uncertain times.

article thumbnail

Investing in Cybersecurity's Post-Pandemic Future

Data Breach Today

Hank Thomas of Strategic Cyber Ventures on How the Industry Is Poised to Emerge From Crisis Before the COVID-19 pandemic, venture capitalist Hank Thomas helped launch SCVX, a cybersecurity-focused special purpose acquisition company. Post-pandemic, Thomas sees a bright future in filling what he sees as the market need for a scalable, integrated platform.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The DoD Isn't Fixing Its Security Problems

Schneier on Security

It has produced several reports outlining what's wrong and what needs to be fixed. It's not fixing them : GAO looked at three DoD-designed initiatives to see whether the Pentagon is following through on its own goals. In a majority of cases, DoD has not completed the cybersecurity training and awareness tasks it set out to. The status of various efforts is simply unknown because no one has tracked their progress.

IT 86
article thumbnail

The Dutch police took down 15 DDoS-for-hire services in a week

Security Affairs

Dutch authorities have taken down 15 DDoS-for-hire services in a week, this is another success of law enforcement in the fight against cybercrime. An operation conducted by Dutch authorities last week has shut down 15 DDoS-for-hire services (aka DDoS booters or DDoS stressor), states a press release published by Dutch police. The operation was conducted with the support of Europol, Interpol, and the FBI along with web hosting providers and domain registrars.

IoT 145
article thumbnail

Overlay Malware Leverages Chrome Browser, Targets Banks and Heads to Spain

Threatpost

The Grandoreiro banking malware uses remote overlay and a fake Chrome browser plugin to steal from banking customers.

115
115
article thumbnail

STEPS FORWARD: How the Middle East led the U.S. to adopt smarter mobile security rules

The Last Watchdog

We’ve come to rely on our smartphones to live out our digital lives, both professionally and personally. When it comes to securing mobile computing devices, the big challenge businesses have long grappled with is how to protect company assets while at the same time respecting an individual’s privacy. Reacting to the BYOD craze , mobile security frameworks have veered from one partially effective approach to the next over the past decade.

Security 205
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

SEC Settles With 2 Traders Over EDGAR Hacking Case

Data Breach Today

Ukrainian Man Behind the Actual Hacking Remains at Large The U.S. SEC has settled charges against two traders who were accused of profiting from the hacking of an EDGAR server in 2016. The Ukrainian man who allegedly hacked the system by bypassing its authentication control remains at large.

article thumbnail

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it’s helping hospitals avoid becoming the next ransomware victim or kneecapping new COVID-19-themed scam websites, these nascent partnerships may well end up saving lives.

article thumbnail

Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker

Security Affairs

Hackers are again attacking Portuguese banking organizations via Android Trojan-Banker. The threat is not new, hackers are again attacking clients of Portuguese banking organizations via a specially crafted Android Trojan-Banker from phishing campaigns launched from Brazil. The last occurrence this line was recorded on March 13rd, 2020, where a similar Trojan-Banker was disseminated targeting other clients of different banking organizations.

article thumbnail

NEW TECH: Semperis introduces tools to improve security resiliency of Windows Active Directory

The Last Watchdog

Ransomware continues to endure as a highly lucrative criminal enterprise. Ransomware hacking groups extorted at least $144.35 million from U.S. organizations between January 2013 and July 2019. That’s the precise figure recently disclosed by the FBI — the true damage is almost certainly a lot steeper, given only a portion of cyber crimes ever get reported to law enforcement.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Hackers Breach San Francisco Airport Websites

Data Breach Today

Officials Say Usernames and Passwords Stolen San Francisco International Airport has disclosed that hackers stole usernames and passwords from two of its websites in March.

Passwords 342
article thumbnail

Sipping from the Coronavirus Domain Firehose

Krebs on Security

Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing pressure to do more to combat scams and misinformation during the COVID-19 pandemic.

Phishing 293
article thumbnail

FTC says $12 million were lost due to Coronavirus-related scams

Security Affairs

Consumer reports received since January 2020 revealed that that approximately $12 million were lost due to Coronavirus-related scams, FTC says. The U.S. Federal Trade Commission revealed that Coronavirus-related scams reported by consumers since January 2020 caused approximately $12 million losses. FTC received 16,778 reports of frauds, roughly 46.3% of fraud complaints also reporting a loss between January 1, 2020 – April 12, 2020 – “FTC has received more than 16K Coronavirus-

Security 145
article thumbnail

The Pentagon Hasn't Fixed Basic Cybersecurity Blind Spots

WIRED Threat Level

Five years ago, the Department of Defense set dozens of security hygiene goals. A new report finds that it has abandoned or lost track of most of them.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

TikTok Content Could Be Vulnerable to Tampering: Researchers

Data Breach Today

Video-Sharing Service Does Not Always Use TLS/SSL Encryption TikTok, a video-sharing service, has been delivering video and other media without TLS/SSL encryption, which means it may be possible for someone to tamper with content, researchers say. That could be especially damaging in the current pandemic environment, where misinformation and confusion abounds.

article thumbnail

Microsoft Patch Tuesday, April 2020 Edition

Krebs on Security

Microsoft today released updates to fix 113 security vulnerabilities in its various Windows operating systems and related software. Those include at least three flaws that are actively being exploited, as well as two others which were publicly detailed prior to today, potentially giving attackers a head start in figuring out how to exploit the bugs.

Libraries 284
article thumbnail

500,000+ Zoom accounts available for sale on the Dark Web

Security Affairs

Zoom accounts are flooding the dark web, over 500 hundred thousand Zoom accounts are being sold on hacker forums. Over 500 hundred thousand Zoom accounts are available for sale on the dark web and hacker forums. Sellers are advertising them for.0020 cents each, in some cases they are offered for free. The huge trove of account credentials was not stolen by Zoom, instead, it appears the result of credential stuffing attacks that leverage records from third-party data breaches.

Sales 145
article thumbnail

How to Cover Your Tracks Every Time You Go Online

WIRED Threat Level

Online tracking can often feel downright invasive. From using VPNs to clearing browser histories, we've got your back.

Security 145
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Emotet, Ryuk, TrickBot: 'Loader-Ransomware-Banker Trifecta'

Data Breach Today

More Advanced Cybercrime Services Help Hackers Boost Illicit Earnings Many criminals are continuing to tap cybercrime platforms and services to make it easier to earn an illicit paycheck, sometimes by combining tools, such as Emotet, Ryuk and TrickBot. This "loader-ransomware-banker trifecta has wreaked havoc" in recent years, says security firm Intel 471.

article thumbnail

NHS coronavirus app: memo discussed giving ministers power to 'de-anonymise' users

The Guardian Data Protection

Exclusive: draft plans for contact-tracing app said device IDs could be used to identify users Coronavirus – latest updates See all our coronavirus coverage A draft government memo explaining how the NHS contact-tracing app could stem the spread of the coronavirus said ministers might be given the ability to order “de-anonymisation” to identify people from their smartphones, the Guardian can reveal.

article thumbnail

Linksys force password reset to prevent Router hijacking

Security Affairs

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Crooks continue to launch Coronavirus-themed attacks , in the last weeks, experts observed hackers hijacking D-Link and Linksys routers to redirect users to COVID19-themed sites spreading malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health O

Passwords 145