Google could ask for your licence or passport on YouTube and Google Play in Australia
Image: Google Google has announced it will be expanding age verification checks to users in Australia who want to access age-restricted content on YouTube and Google Play. In the coming
Attacks Abound in Tricky Threat Terrain: 2021 Annual Cybersecurity Report
Trend Micro – The digital transformations that had enabled many enterprises to stay afloat amid the Covid-19 health crisis also brought about major upheavals in cybersecurity, the impact of which
Simple Tips to Protect Youself From Being Catfished
It is a fact that the COVID-19 pandemic forced us to go online whether it be working from home (WFH) or meeting people online. Another pandemic that is hardly ever
How to Talk Cybersecurity Risks and Rewards with Your Customers
Talking to your customers about cybersecurity shouldn’t be stressful, it shouldn’t be one time, and it shouldn’t be after a breach or other incident has occurred. Too often however, that’s
NSW confirms iVote system will be scrapped for next year's state election
New South Wales Residents Head To Polls In State Election Image: Brook Mitchell/Getty Images The NSW Electoral Commission (NSWEC) has confirmed it will scrap using the iVote system for next
Automotive parts maker Denso confirms cyberattack
Written by Suzanne Smalley Mar 16, 2022 | CYBERSCOOP The global automotive components manufacturer Denso said in a press release this week that its German operations had been “illegally accessed
Emotet's tax-season phishing is back with new tricks
Written by Joe Warminsky Mar 16, 2022 | CYBERSCOOP IRS-themed phishing campaigns are reliable signs of spring, so the question each year becomes, “What’s new?” Researchers at Cofense are answering
Sioux Falls Funds DSU Cybersecurity Lab
City council approves $10m appropriation toward Dakota State University cybersecurity labRead More: https://www.infosecurity-magazine.com/news/sioux-falls-funds-dsu/
‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps
Scammers are bypassing Apple’s App Store security, stealing thousands of dollars’ worth of cryptocurrency from the unwitting, using the TestFlight and WebClips programs. For about a year now, crypto-traders and
Irish Watchdog Fines Meta $19m Over Data Breach
Ireland’s data regulator imposes penalty after inquiry into 2018 data breach notifications Read More: https://www.infosecurity-magazine.com/news/irish-watchdog-fines-meta-19m-over/
Avast Merger Raises Competition Concerns
UK government finds NortonLifeLock purchase of Avast could reduce competition Read More: https://www.infosecurity-magazine.com/news/avast-merger-raises-competition/
Another Destructive Wiper Targets Organizations in Ukraine
CaddyWiper is one in a barrage of data-wiping cyber-attacks to hit the country since January as the war on the ground with Russia marches on. Researchers have discovered yet another
16 Ways to Stay Safe While Online Shopping
Online shopping is new for some, especially since the beginning of the COVID-19 pandemic, but it is already a favored way to shop for many. It is easy and convenient,
NSA and CISA: Here's how to improve your Kubernetes cluster security
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published updated guidance about how to harden Kubernetes for managing container applications. Kubernetes is an open-source
This sneaky type of phishing is growing fast because hackers are seeing big paydays
There’s been a steep rise in phishing attacks which hijack legitimate, ongoing conversations between users to steal passwords, steal money, deliver malware and more. Phishing attacks have been a cybersecurity
Over 500 Domains Were Used in Phishing Operation to Steal Credentials
Massive phishing operation employing hundreds of domains to steal Naver credentials reveals infrastructure overlaps associated with the TrickBot banking trojan. What Is Naver? Naver is a South Korean online platform
Why Cloud Workload Security (CWS) Should Be Your 2022 Priority
The cloud is quickly becoming the most important battleground for organizations. Organizations are continuing their push into digitalization and are large cloud-first organizations. They’re using more cloud-based services, more cloud-based
Tips and Trends to Level Up Your MSP
Even with ongoing uncertainty, managed service providers are looking for opportunities to grow their businesses in 2022. How to achieve that growth was the topic of the Managed Services Community
Preparing for denial-of-service attacks with Talos Incident Response
By Yuri Kramarz. Over the years, several extorsion-style and politically motivated denial-of-service attacks increased and still pose a threat to businesses and organizations of any size that can find themselves
Security gives your company a competitive advantage
In rowing, when your team is in sync, the boat is flying on the top of the water, and you’re winning — it’s pretty magical. But sometimes, you “catch a
iPhone, Android users lose life savings to romance fraud, cryptocurrency operation
iPhone and Android users are falling prey to new and even more extortionate tactics by romance and cryptocurrency scam artists. Romance scams are nothing new, but their potential impact has
New Linux Botnet Discovered
Log4j 2 is a Java logging library that is open source and extensively used in a variety of software applications and services throughout the world. The Log4j vulnerability gives threat
DirtyMoe: Worming Modules
Avast – The DirtyMoe malware is deployed using various kits like PurpleFox or injected installers of Telegram Messenger that require user interaction. Complementary to this deployment, one of the DirtyMoe
CISA and FBI warning: Hackers used these tricks to dodge multi-factor authentication and steal email from NGO
Russian state-sponsored hackers have used a clever technique to disable multi-factor authentication (MFA) and exploit a Windows 10 printer spooler flaw to compromise networks and high-value domain accounts. The goal?
Thousands of Mobile Apps Expose User Data Via Cloud Misconfigurations
Check Point study urges developers to follow best practicesRead More: https://www.infosecurity-magazine.com/news/thousands-mobile-apps-expose-data/
CISA: Fix MFA and Patch Promptly to Stop Russian Attackers
Alert explains how misconfigured authentication allowed hackers inRead More: https://www.infosecurity-magazine.com/news/cisa-fix-mfa-patch-promptly-stop/
Kaspersky Hits Back at “Politically Motivated” BSI Advisory
German authorities had urged firms to replace the Russian vendor’s productsRead More: https://www.infosecurity-magazine.com/news/kaspersky-hits-politically-bsi/
Australia's big four banks tackling cybersecurity with a team sport mentality
Read More: https://www.zdnet.com/article/australias-big-four-banks-tackling-cybersecurity-with-a-team-sport-mentality/#ftag=RSSbaffb68
Phony Instagram ‘Support Staff’ Emails Hit Insurance Company
The phishing scam tried to steal login credentials by threatening account shutdown, due to users having purportedly shared “fake content.” A phishing campaign used the guise of Instagram technical support
Australia's cyber laws potentially harmful to security: Critical Infrastructure community
Image: Shutterstock A slew of Australia’s critical infrastructure service providers and union groups have lambasted the federal government’s critical infrastructure cyber laws due to it requiring organisations to install third-party
Kaspersky complains about 'political' German advisory against it
Logo: Kaspersky Lab // Composition: ZDNet Kaspersky has responded to an advisory issued against it by the German Federal Office for Information Security (BSI) saying users should replace its products
Increase In Malware Sightings on GoDaddy Managed Hosting
WordFence – Today, March 15, 2022, The Wordfence Incident Response team alerted our Threat Intelligence team to an increase in infected websites hosted on GoDaddy’s Managed WordPress service, which includes
German Authorities Warn Against Using Kaspersky Products
The Federal Office for Information Security in Germany has urged users to uninstall any Kaspersky product from their devices and replace it with an alternative one. Bundesamt für Sicherheit in
No rational basis: Defamation law expert says Australia's anti-trolling Bill should be canned
Image: Getty Images A defamation law expert has slammed the federal government’s so-called anti-trolling Bill, accusing it of changing Australia’s defamation laws for no adequate reason and through misleading means.
Twitter concerned Australia's anti-trolling Bill leaves minority communities vulnerable
Image: Getty Images Twitter has joined other social media companies to call out Australia’s anti-trolling laws as an extreme risk to the privacy of Australians, particularly minority communities. Kara Hinesley,
Anonymous cripples Russian Fed Security Service (FSB) & other top sites
Anonymous says it also attacked the official website of the Russian Stock Exchange which, at the time of publishing this article, was offline. Anonymous hacktivists collective are claiming to have
Welcome to the CompTIA Community, Let's Talk
From helping MSPs increase their cybersecurity resilience to opening new doors for partnership and opportunities, there a number of new and enhanced benefits coming soon to CompTIA members, according to
Cyberattacks Against Israeli Government Sites: ‘Largest in the Country’s History’
DDoS attacks against Israel telecom companies took down government sites, sparking a temporary state of emergency. Israel’s Nation Cyber Directorate confirmed in a tweet on Monday that a denial-of-service (DDoS)
Nasty Linux netfilter firewall security hole found
Behind almost all Linux firewalls tools such as iptables; its newer version, nftables; firewalld; and ufw, is netfilter, which controls access to and from Linux’s network stack. It’s an essential
SentinelOne acquires Attivo Networks for identity-based threat detection
Cybersecurity company SentinelOne plans to acquire Attivo Networks for its identity-based threat detection technology, the companies said Tuesday. The cash and stock transaction, valued at $616.5 million, is expected to
UK Blocks Assange's Extradition Appeal
WikiLeaks founder’s appeal against extradition to US refused by UK Supreme CourtRead More: https://www.infosecurity-magazine.com/news/uk-blocks-assanges-extradition/
Hackers Hit Rosneft
Cyber-attack on German subsidiary of Russian state-backed energy companyRead More: https://www.infosecurity-magazine.com/news/hackers-hit-rosneft/
Top Ukrainian cyber official praises volunteer hacks on Russian targets, offers updates
Written by AJ Vicens Mar 15, 2022 | CYBERSCOOP The Ukrainian government’s cyber efforts are focused on defense, not offense, a top official said Tuesday, but leaders are “grateful” for
Nearly 300k Heart Patients’ Data Exposed
PHI of 287K patients at risk after cyber-attack on South Denver Cardiology Associates Read More: https://www.infosecurity-magazine.com/news/heart-patients-data-exposed/
Behavior-based vs IOC-based Threat Detection Approaches: How to Prioritize?
A core cybersecurity procedure usually includes running detection rules based on the Indicators of Compromise (IOCs). However, the latest trend is focused on the behavior-based detection approach. Let’s find out
Most QNAP NAS Devices Affected by ‘Dirty Pipe’ Linux Flaw
The “Dirty Pipe” Linux kernel flaw – a high-severity vulnerability in all major distros that grants root access to unprivileged users who have local access – affects most of QNAP’s
Threat Advisory: CaddyWiper
Overview Cybersecurity company ESET disclosed another Ukraine-focused wiper dubbed “CaddyWiper” on March 14. This wiper is relatively smaller than previous wiper attacks we’ve seen in Ukraine such as “HermeticWiper” and
Phishing attempts against smartphones are on the rise. And those small screens aren't helping
There’s been a big rise in phishing attacks designed to specifically target smartphones as cyber criminals look to exploit our increased reliance on these tiny screens. Previously, many phishing websites