A week in security (January 9—15)

Categories: News

Tags: AWIS

Tags: weekly blog roundup

Tags: week in security

Tags: Slack

Tags: GitHub

Tags: Magecart

Tags: Microsoft

Tags: Pokemon NFT

Tags: Facebook

Tags: Instagram

Tags: Snapchat

Tags: TikTok

Tags: YouTube

Tags: Google

Tags: Meta

Tags: identity theft

Tags: Maternal & Family Health Services

Tags: 2023 predictions

Tags: Royal Mail

Tags: K-12 security

Tags: K-12

Tags: WhatsApp

Tags: NSO Group

Tags: Department of Interior

Tags: weak passwords

Tags: Vice Society

Tags: ransomware. Vice Society ransomware

The most interesting security related news from the week of January 9—15.

(Read more…)

The post A week in security (January 9—15) appeared first on Malwarebytes Labs.

Read more

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.

Read more

Slack beefs up mobile security controls for Enterprise Grid

Credit to Author: Matthew Finnegan| Date: Tue, 06 Aug 2019 08:00:00 -0700

Slack today unveiled new security capabilities for Enterprise Grid customers, including tighter controls for admins who oversee mobile device access.

Enterprise Grid was launched in 2017 for Slack’s biggest customers, with additional features to support large-scale deployments. Among the 150 organizations now using Enterprise Grid are Capital One, IBM and Target. 

Slack has continued to build out security and compliance features for the software since its introduction, including the addition of enterprise key management last September.  

To read this article in full, please click here

Read more

Capital One Data Theft Impacts 106M People

Credit to Author: BrianKrebs| Date: Tue, 30 Jul 2019 13:59:54 +0000

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breached played out publicly over several months on social media and other open online platforms. What follows is a closer look at the accused, and what this incident may mean for consumers and businesses.

Read more

A week in security (June 24 – 30)

Credit to Author: Malwarebytes Labs| Date: Mon, 01 Jul 2019 17:02:56 +0000

A roundup of cybersecurity news from June 24–30, including top malicious web campaigns, updates on the GreenFlash Sundown exploit, a Malwarebytes initiative to double down on stalkerware detection and awareness, and more.



(Read more…)

The post A week in security (June 24 – 30) appeared first on Malwarebytes Labs.

Read more

Voice Phishing Scams Are Getting More Clever

Credit to Author: BrianKrebs| Date: Mon, 01 Oct 2018 14:02:27 +0000

Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it’s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you’re too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly).

Read more