The Life Cycle of a Breached Database

Credit to Author: BrianKrebs| Date: Thu, 29 Jul 2021 16:20:54 +0000

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database. Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. One might even say passwords are the fossil fuels powering most IT modernization: They’re ubiquitous because they are cheap and easy to use, but that means they also come with significant trade-offs — such as polluting the Internet with weaponized data when they’re leaked or stolen en masse.

Read more

How to give your phone an Android-12-inspired privacy upgrade

Credit to Author: JR Raphael| Date: Thu, 29 Jul 2021 07:04:00 -0700

Android 12 sure is an onion of an update, wouldn’t ya say?

Now, don’t get me wrong: I’m not suggesting it’s fragrant, likely to make you cry, or positively delicious when cooked in a stir-fry. (That’d be one heck of a piece of software!) I just mean that it has lots of layers to it, including some that are beneath the surface and impossible to see when you’re only glancing from afar.

Android 12 is full of changes both big and small, in fact — and while many of its most noticeable external elements will be limited to Google’s own Pixel phones, some of the improvements tucked away in those sticky lower layers are arguably the most important changes of all.

To read this article in full, please click here

Read more

PlugwalkJoe Does the Perp Walk

Credit to Author: BrianKrebs| Date: Mon, 26 Jul 2021 18:18:38 +0000

One day after last summer’s mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. When the Justice Department last week announced O’Connor’s arrest and indictment, his alleged role in the Twitter compromise was well covered in the media. But most of the coverage so far seem to have overlooked the far more sinister criminal charges in the indictment, which involve an underground scene wherein young men turn to extortion, sextortion, SIM swapping, death threats and physical attacks — all in a bid to seize control over highly-prized social media accounts.

Read more

Acronis teams with Jamf to secure the Apple-centric enterprise

Credit to Author: Jonny Evans| Date: Mon, 26 Jul 2021 09:16:00 -0700

As the Mac security journey becomes ever more challenging, there’s fresh activity in the Mac security and enterprise infrastructure space: Acronis Cyber Protect Cloud now integrates with leading enterprise management platform Jamf.

Acronis and Jamf: Better together

That’s a significant step forward in terms of better native Mac support from Acronis, which has been working to widen its support for Apple’s platform since at least 2014 when it introduced Mac support for Acronis Access. It’s also a significant indicator that despite the existence of a few hold-outs, most enterprises now recognize that the future of work is remote.

To read this article in full, please click here

Read more

About the Pegasus spyware, Apple's telling the full truth

Credit to Author: Evan Schuman| Date: Mon, 26 Jul 2021 03:48:00 -0700

When it comes to security and privacy issues, Apple generally does a far better job than its rivals — though admittedly for selfish marketing reasons. When comparing Apple’s iOS and Google’s Android, it’s hard to not see that at least Apple makes a good-faith attempt at being security- and privacy-oriented, compared to Google, which would prefer selling ads and anything else it can think of.

Still, Apple has been known to twist and shift the truth, omitting germane background info and context when it’s convenient. Remember antenna-gate? The battery-gate brouhaha?

To read this article in full, please click here

Read more

Serial Swatter Who Caused Death Gets Five Years in Prison

Credit to Author: BrianKrebs| Date: Wed, 21 Jul 2021 19:59:03 +0000

A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that lead to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.

Read more

Pegasus spyware and iPhone security

Amnesty International's Security Lab revealed that a handful of iPhones, mostly belonging to journalists and human rights activists, were successfully infected with Pegasus spyware. While the majority of iPhones users are not affected, the spyware, created by NSO Group, was found even on newer iPhone models equipped with the latest iOS update. Apple bills the iPhone as the most secure consumer cellular product on the market, so this wave of malware raises security concerns. Computerworld Executive Editor Ken Mingis and Macworld Executive Editor Michael Simon join Juliet to discuss iPhone security and more.

Read more

Scary ‘malware-as-a-service’ Mac attack discovered

Credit to Author: Jonny Evans| Date: Thu, 22 Jul 2021 06:16:00 -0700

Read more