GandCrab ransomware hacker arrested in Belarus
by Paul Ducklin on August 4, 2020 at 12:19
Suspect is alleged to have extorted more than 1000 people, mostly in India, US, Ukraine, UK, Germany, France, Italy and Russia.
Robocall Legal Advocate Leaks Customer Data
by BrianKrebs on August 3, 2020 at 22:18
A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.
How much is your personal data worth on the dark web?
by Amer Owaida on August 3, 2020 at 19:40
The going prices are lower than you probably think – your credit card details, for example, can sell for a few bucks The post How much is your personal data worth on the dark web? appeared first on WeLiveSecurity
Monday review – our recent stories revisited
by Naked Security writer on August 3, 2020 at 09:41
Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.
Twitter hack – three suspects charged in the US
by Paul Ducklin on August 1, 2020 at 01:08
Three people have been fingered for the recent Twitter hack in which 45 high-profle accounts were taken over.
Three Charged in July 15 Twitter Compromise
by BrianKrebs on July 31, 2020 at 21:43
Three individuals have been charged for their alleged roles in the July 15 hack on Twitter, an incident that resulted in Twitter profiles for some of the world's most recognizable celebrities, executives and public figures sending out tweets advertising a bitcoin scam.
Travel company CWT avoids ransomware derailment by paying $4.5m blackmail demand
by Paul Ducklin on July 31, 2020 at 21:17
US travel company CWT has reportedly coughed up $4.5m to ransomware crooks who stole data and scrambled files.
Week in security with Tony Anscombe
by Editor on July 31, 2020 at 15:26
New ESET Threat Report is out – Defending against Thunderspy attacks – Thousands of databases wiped in Meow attacks The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Twitter breach: Staff tricked by ‘phone spear phishing’
by Amer Owaida on July 31, 2020 at 15:12
The attackers exploited the human factor to gain access to Twitter’s internal systems and the accounts of some of the world’s most prominent figures The post Twitter breach: Staff tricked by ‘phone spear phishing’ appeared first on WeLiveSecurity
Servers at risk from “BootHole” bug – what you need to know
by Paul Ducklin on July 30, 2020 at 15:35
We explain the "BootHole" vulnerability - as usual, in plain English and without hype. Find if you're affected and what to do.
10 billion records exposed in unsecured databases, study says
by Amer Owaida on July 30, 2020 at 15:29
The databases contain personal information that could be used for phishing attacks and identity theft schemes The post 10 billion records exposed in unsecured databases, study says appeared first on WeLiveSecurity
Is Your Chip Card Secure? Much Depends on Where You Bank
by BrianKrebs on July 30, 2020 at 15:09
Chip-based credit and debit cards are designed to make it infeasible for skimming devices or malware to clone your card when you pay for something by dipping the chip instead of swiping the stripe. But a recent series of malware attacks on U.S.-based merchants suggest thieves are exploiting weaknesses in how certain financial institutions have implemented the technology to sidestep key chip card security features and effectively create usable, counterfeit cards.
Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe
by Aryeh Goretsky on July 30, 2020 at 09:30
All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface The post Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe appeared first on WeLiveSecurity
Here’s Why Credit Card Fraud is Still a Thing
by BrianKrebs on July 29, 2020 at 19:46
Most of the civilized world years ago shifted to requiring computer chips in payment cards that make it far more expensive and difficult for thieves to clone and use them for fraud. One notable exception is the United States, which is still lurching toward this goal. Here's a look at the havoc that lag has wrought, as seen through the purchasing patterns at one of the underground's biggest stolen card shops that was hacked last year.
US tax service says, “2FA is a must!”
by Paul Ducklin on July 29, 2020 at 16:01
We know it's an old drum, but we're not tired of beating it yet: 2FA is your friend.