Close

May 31, 2019

Latest Cyber Security News

Threatpost The First Stop For Security News

WeLiveSecurity News, views, and insight from the ESET security community

    Feed has no items.

Hacker News Links for the intellectually curious, ranked by readers.

Krebs on Security In-depth security news and investigation

  • E-Verify’s “SSN Lock” is Nothing of the Sort


    by BrianKrebs on July 4, 2020 at 10:24 pm

    One of the most-read advice columns on this site is a 2018 piece called “Plant Your Flag, Mark Your Territory,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration, the IRS and others before crooks do it for you. A key concept here is that these services only allow one account per Social Security number — which for better or worse is the de facto national identifier in the United States. But KrebsOnSecurity recently discovered that this is not the case with all federal government sites built to help you manage your identity online.

    A reader who was recently the victim of unemployment insurance fraud said he was told he should create an account at the Department of Homeland Security’s myE-Verify website, and place a lock on his Social Security number (SSN) to minimize the chances that ID thieves might abuse his identity for employment fraud in the future.

  • Ransomware Gangs Don’t Need PR Help


    by BrianKrebs on July 2, 2020 at 1:10 am

    We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime.

    Often the rationale behind couching these events as newsworthy is that the attacks involve publicly traded companies or recognizable brands, and that investors and the public have a right to know. But absent any additional information from the victim company or their partners who may be affected by the attack, these kinds of stories and blog posts look a great deal like ambulance chasing and sensationalism.

  • COVID-19 ‘Breach Bubble’ Waiting to Pop?


    by BrianKrebs on June 30, 2020 at 3:00 pm

    The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change — and likely for the worse.

  • Russian Cybercrime Boss Burkov Gets 9 Years


    by BrianKrebs on June 27, 2020 at 5:27 pm

    A well-connected Russian hacker once described as “an asset of supreme importance” to Moscow was sentenced on Friday to nine years in a U.S. prison after pleading guilty to running a site that sold stolen payment card data, and to administering a highly secretive crime forum that counted among its members some of the most elite Russian cybercrooks.

  • New Charges, Sentencing in Satori IoT Botnet Conspiracy


    by BrianKrebs on June 25, 2020 at 11:52 pm

    The U.S. Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build multiple botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. In addition, a defendant in the United States was sentenced to drug treatment and 18 months community confinement for his admitted role in the conspiracy.

Dark Reading: Dark Reading: Connecting the Information and Security Community

Schneier on Security A blog covering security and security technology.

  • IoT Security Principles


    by Bruce Schneier on July 7, 2020 at 11:38 am

    The BSA — also known as the Software Alliance, formerly the Business Software Alliance (which explains the acronym) — is an industry lobbying group. They just published "Policy Principles for Building a Secure and Trustworthy Internet of Things." They call for: Distinguishing between consumer and industrial IoT. Offering incentives for integrating security. Harmonizing national and international policies. Establishing regularly updated…

  • ThiefQuest Ransomware for the Mac


    by Bruce Schneier on July 6, 2020 at 11:43 am

    There’s a new ransomware for the Mac called ThiefQuest or EvilQuest. It’s hard to get infected: For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Apple in order to run it. It’s a good reminder to get your software from trustworthy sources, like developers whose code is…

  • Friday Squid Blogging: Strawberry Squid


    by Bruce Schneier on July 3, 2020 at 9:07 pm

    Pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here….

  • EncroChat Hacked by Police


    by Bruce Schneier on July 3, 2020 at 3:39 pm

    French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat’s phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Encrochat took the base unit, installed its own encrypted messaging programs which route messages through the firm’s…

  • The Security Value of Inefficiency


    by Bruce Schneier on July 2, 2020 at 2:26 pm

    For decades, we have prized efficiency in our economy. We strive for it. We reward it. In normal times, that’s a good thing. Running just at the margins is efficient. A single just-in-time global supply chain is efficient. Consolidation is efficient. And that’s all profitable. Inefficiency, on the other hand, is waste. Extra inventory is inefficient. Overcapacity is inefficient. Using…

Naked Security Computer Security News, Advice and Research

Subscribe To Newsletter

News and campaigns you will enjoy to hear...