The Hacker News Daily Updates

"Last Pass admits to severe data breach...."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 23 December 2022, 2140 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGrblVHvmVjMvSGtrPLgzbfwhZB

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates
Newsletter
cover

7 Passwordless Approaches for B2C

Passwords are problematic. They are hard to remember, and they don’t work well. Passwords can be guessed or leaked. Today’s technology allows for better authentication, without passwords. It’s time to move on and join the cutting edge.

Download NowSponsored
LATEST NEWSDec 23, 2022

FrodoPIR: New Privacy-Focused Database Querying System

The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, checking passwords against breached databases, certificate revocation checks, and streaming, among others. The scheme is ...

Read More
TwitterFacebookLinkedIn

Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. Officials

A new targeted phishing campaign has zoomed in on a two-factor authentication solution called Kavach that's used by Indian government officials. Cybersecurity firm Securonix dubbed the activity STEPPY#KAVACH, attributing it to a threat actor known as SideCopy based on tactical overlaps with prior attacks. ".LNK files are used to initiate code execution which eventually downloads and runs ...

Read More
TwitterFacebookLinkedIn

Combine Your Payment Stack into One

FastSpring handles the complexity of selling software so you can get back to doing what you do best — building great products. Our platform includes global payment processing, subscription management, checkout, sales taxes and VAT, fraud prevention, and much ...

Read More
TwitterFacebookLinkedIn

Accelerate Your Incident Response

Tis the season for security and IT teams to send out that company-wide email: “No, our CEO does NOT want you to buy gift cards.”  As much of the workforce signs off for the holidays, hackers are stepping up their game. We’ll no doubt see an increase in activity as hackers continue to unleash e-commerce scams and holiday-themed phishing attacks. Hackers love to use these tactics to trick ...

Read More
TwitterFacebookLinkedIn

Vice Society Ransomware Attackers Adopt Robust Encryption Methods

The Vice Society ransomware actors have switched to yet another custom ransomware payload in their recent attacks aimed at a variety of sectors. "This ransomware variant, dubbed 'PolyVice,' implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms," SentinelOne researcher Antonio Cocomazzi said in an analysis. Vice Society, which is tracked by Microsoft under ...

Read More
TwitterFacebookLinkedIn

France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent

France's privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft's Ireland subsidiary for dropping advertising cookies in users' computers without their explicit consent in violation of data protection laws in the European Union. The Commission nationale de l'informatique et des libert├ęs (CNIL) noted that users visiting the home page of its Bing search engine did ...

Read More
TwitterFacebookLinkedIn

LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen

The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted password vaults by using data siphoned from the earlier break-in. Also stolen is "basic customer ...

Read More
TwitterFacebookLinkedIn

FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape

An exhaustive analysis of FIN7 has unmasked the cybercrime syndicate's organizational hierarchy, alongside unraveling its role as an affiliate for mounting ransomware attacks. It has also exposed deeper associations between the group and the larger threat ecosystem comprising the now-defunct ransomware DarkSide, REvil, and LockBit families. The highly active threat group, also known as ...

Read More
TwitterFacebookLinkedIn
cover

Moving Past Passwords (At Last!)

7 Key Takeaways to Passwordless Authentication

Download NowSponsored

Comments

Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.