Krebs on Security

JULY 30, 2020

Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards.

Banking 362

Banking Malware Encryption Accountability 362

The Last Watchdog

JULY 27, 2020

It took a global pandemic and the death of George Floyd to put deep-seated social inequities, especially systemic racism, front and center for intense public debate. Related: Will ‘blockchain’ lead to more equitable wealth distribution? We may or may not be on the cusp of a redressing social injustice by reordering our legacy political and economic systems.

Surveillance 304

Surveillance Government Accountability Artificial Intelligence 304

Schneier on Security

JULY 31, 2020

Notice the copy of Data and Goliath just behind the head of Maine Senator Angus King. This demonstrates the importance of a vibrant color and a large font.

243

243

Tech Republic Security

JULY 31, 2020

New survey finds that cybersecurity professionals want more training to keep up with the threat landscape and learn new software platforms.

Software 218

Software Cybersecurity 218

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Krebs on Security

JULY 27, 2020

Identity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned. This story is about the victims of a particularly aggressive business ID theft ring that’s spent years targeting small businesses across the country and is now pivoting toward using that access for pandemic assistance loans and unemployment benefits.

Identity Theft 361

Identity Theft Small Business Energy and Utilities Computers and Electronics 361

Adam Levin

JULY 28, 2020

If you find your personal email account bombarded with unwanted marketing emails, there’s a good chance your account was compromised in a breach. That said, email these days is a minefield we all need to learn how to traverse safely. . Your email address could present the greatest liability when it comes to cybersecurity and privacy. A recent report found that email was the delivery method for 94% of malware attacks in 2019; a more recent study in 2020 indicated that email-based phishing may be

Accountability 188

Accountability Scams Marketing Phishing 188

Tech Republic Security

JULY 31, 2020

Experts weigh in to share their thoughts on the hottest topics to expect at this year's all-digital Black Hat conference.

Cybersecurity 218

Cybersecurity 218

Krebs on Security

JULY 29, 2020

Most of the civilized world years ago shifted to requiring computer chips in payment cards that make it far more expensive and difficult for thieves to clone and use them for fraud. One notable exception is the United States, which is still lurching toward this goal. Here’s a look at the havoc that lag has wrought, as seen through the purchasing patterns at one of the underground’s biggest stolen card shops that was hacked last year.

Accountability 351

Accountability Banking Retail Hacking 351

Troy Hunt

JULY 31, 2020

Unfortunately, our run of good luck here down in Aus has taken a bit of a turn COVID wise. Not so much in my home state, but the southern states have been copping it so this week, I pulled the pin on snowboarding. For folks overseas, that might sound like it would have been a risky proposition anyway, but only two and a half weeks ago the entire state of New South Wales had 5 active cases out of 8.1M people.

173

173

Schneier on Security

JULY 27, 2020

In Japan, a cyberstalker located his victim by enhancing the reflections in her eye , and using that information to establish a location. Reminds me of the image enhancement scene in Blade Runner. That was science fiction, but now image resolution is so good that we have to worry about it.

214

214

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Tech Republic Security

JULY 28, 2020

Read about the saga of Facebook's failures in ensuring privacy for user data, including how it relates to Cambridge Analytica, the GDPR, the Brexit campaign, and the 2016 US presidential election.

Data privacy 218

Data privacy 218

WIRED Threat Level

JULY 31, 2020

Bitcoin payments and IP addresses led investigators to two of the alleged perpetrators in just over two weeks.

Hacking 145

Hacking 145

Security Affairs

JULY 29, 2020

Experts spotted an undetectable Linux malware that exploits undocumented techniques to evade detection and targets publicly accessible Docker servers. Cybersecurity researchers at Intezer spotted a new completely undetectable Linux malware , dubbed Doki , that exploits undocumented evasion techniques while targeting publicly accessible Docker servers.

Cryptocurrency 145

Cryptocurrency Malware Advertising VPN 145

Schneier on Security

JULY 30, 2020

Fireeye is reporting that a hacking group called Ghostwriter broke into the content management systems of Eastern European news sites to plant fake stories. From a Wired story : The propagandists have created and disseminated disinformation since at least March 2017, with a focus on undermining NATO and the US troops in Poland and the Baltics; they've posted fake content on everything from social media to pro-Russian news websites.

Media 212

Media Hacking Cybersecurity 212

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Tech Republic Security

JULY 29, 2020

While 56% of Americans want more control over personal data, more than 40% said they reuse passwords, use public Wi-Fi, or save a credit card to an online store, KPMG found.

Data privacy 217

Data privacy Passwords 217

WIRED Threat Level

JULY 29, 2020

A disinfo operation broke into the content management systems of Eastern European media outlets in a campaign to spread misinformation about NATO.

Media 145

Media Hacking 145

Security Affairs

JULY 28, 2020

ShinyHunters, a trusted threat actor, is offering on a hacker forum the databases stolen from eighteen companies, over 386 million user records available online. The known threat actor ShinyHunters has begun leaking for free the databases of multiple companies on a hacker forum. A couple of days ago, the popular digital banking app Dave.com disclosed a security breach after ShinyHunters leaked 7,516,625 user records on a crime forum.

Passwords 145

Passwords Advertising Education Banking 145

Schneier on Security

JULY 31, 2020

A 17-year-old Florida boy was arrested and charged with last week's Twitter hack. News articles. Boing Boing post. Florida state attorney press release. This is a developing story. Post any additional news in the comments.

Hacking 147

Hacking Scams Cybersecurity 147

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Tech Republic Security

JULY 29, 2020

A recent investigation by NordPass and a white hat hacker discovered more than 9,000 unsecured databases online with more than 10 billion individual entries.

212

212

WIRED Threat Level

JULY 25, 2020

A combination of technologies helped scientists discover a potentially illegal fishing operation involving more than 900 vessels.

Technology 143

Technology 143

Security Affairs

JULY 28, 2020

Yet another Multipurpose Breakout Board to hack hardware in a clean and easy way! How to hack IoT & RF Devices with BürtleinaBoard. Disclaimer : due to a complaint from the citizens of my native city in Italy… I had to rename #PiadinaBoard into #BurtleinaBoard. Few months ago I have presented #FocacciaBoard : a similar multipurpose breakout board that uses the famous FT232H to handle multiple protocols commonly found in (I)IoT devices (i.e.

IoT 145

IoT Hacking Firmware Advertising 145

Adam Levin

JULY 29, 2020

A collection of source code from companies including General Electric, Disney, Microsoft, Motorola, Qualcomm, Adobe, Nintendo and Microsoft has been aggregated and posted online. . The repository was released onto Gitlab by software developer and IT consultant Tillie Kottmann and was collected from publicly available leaked data that had been stored on misconfigured online servers.

Banking 136

Banking Passwords Accountability Technology 136

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Tech Republic Security

JULY 28, 2020

The GPS maker scrambled to contain the aftermath of an attack as employees took to social media to describe what was happening.

Media 210

Media Ransomware 210

WIRED Threat Level

JULY 27, 2020

A ransomware hit and subsequent outage caused problems in the company's aviation services, including flight planning and mapping.

Ransomware 138

Ransomware Hacking 138

Security Affairs

JULY 29, 2020

U.S. cybersecurity firm revealed that China-linked hackers have infiltrated Vatican computer networks ahead of talks. China-linked hackers have infiltrated the Vatican computer networks, reads a report published by the U.S. cybersecurity firm Recorded Future that focuses on the analysis of nation-state actors. According to the experts, the cyber espionage campaign began in May ahead the talk between the Vatican and the Chinese government.

Advertising 145

Advertising Government Hacking Cybersecurity 145

Threatpost

JULY 29, 2020

The "BootHole" bug could allow cyberattackers to load malware, steal information and move laterally into corporate, OT ,IoT and home networks.

IoT 133

IoT Malware 133

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Tech Republic Security

JULY 28, 2020

The study showed concrete financial benefits to having security systems and teams in place.

209

209

WIRED Threat Level

JULY 30, 2020

A WIRED investigation found dozens of channels belong to children apparently under 13, and anonymous chat participants sending inappropriate messages their way.

135

135

Security Affairs

JULY 26, 2020

Digital banking app Dave.com discloses a security breach after the known threat actor ShinyHunters leaked 7 million user records on a crime forum. The popular digital banking app Dave.com discloses a security breach after the known threat actor ShinyHunters leaked 7,516,625 user records on a crime forum. According to ZDNet , the security breach originated on the network of a former business partner, Waydev.

Banking 145

Banking Advertising Hacking Education 145

Threatpost

JULY 28, 2020

A path traversal vulnerability in the iDRAC technology can allow remote attackers to take over control of server operations.

Technology 122

Technology 122

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity