Security News

Isn't it time we stop getting psyched by the bad guys? Here are five steps cybersecurity pros can take now. How human behavior impacts cybersecurity is a hot topic.

"The seemingly endless ocean of threats can paralyze those who make decisions for an organization. They sense an ominous feeling of blood in the water yet lack clarity about how to stop the sharks from feeding." Not unlike the fatigue being experienced due to COVID-19, users are flooded continuously with news about this or that data breach and how their sensitive information was stolen.

A VPN service used by many cybercriminals has been disrupted in a global operation that involved law enforcement agencies in Germany, the United States, the Netherlands, France and Switzerland. Europol reported on Tuesday that the operation targeted a service called Safe-Inet, and the U.S. Justice Department clarified that three associated domains have been seized, namely insorg.org, safe-inet.com and safe-inet.net.

Law enforcement agencies from the US, Germany, Netherlands, Switzerland, France, along with Europol's European Cybercrime Centre, announced today the coordinated takedown of Safe-Inet, a popular virtual private network service that was used to facilitate criminal activity. The service, which comes with support for Russian and English languages and has been active for over a decade, offered "Bulletproof hosting services" to website visitors, often at a steep price to the criminal underworld.

TechRepublic spoke with email security firm Tessian's CEO Tim Sadler, who tells us how to avoid being phished or scammed during the search for perfect presents. Because of the flurry of e-commerce activity, email inboxes are filled with offers and notifications from retailers.

End users just want to do their job, not become cybersecurity experts. To eliminate the glut of information, Finney, in the Forbes article Tactical Literacy: How We Can Overcome Ignorance In Cybersecurity, suggests we embrace "Tactical literacy." As to what that means, let's start by defining tactical and literacy with regards to cybersecurity.

A group of cybercriminals used mobile emulators to spoof thousands of mobile devices , which enabled them to steal millions of dollars within days. Targeting financial institutions in Europe and the United States, the mobile banking fraud operation relied on over 20 emulators to spoof more than 16,000 mobile devices and access compromised accounts.

Vaccine-related phishing emails and domains are popping up, while criminals are selling phony vaccines via the Dark Web, says Check Point. In another campaign, the email touts the subject line of "Pfizer's Covid vaccine: 11 things you need to know" and includes an executable file named "Covid-19 vaccine brief summary." Clicking on this file triggers the nasty malware called Agent Tesla, a Remote Access Trojan that acts as a keylogger and infostealer.

Cybercriminals have been observed targeting a recently disclosed vulnerability in the GO SMS Pro messaging application to steal user data. Whenever a user attempts to send a media file, Trustwave's SpiderLabs security researchers discovered, the application would generate a URL that can be easily guessed and which does not require authentication to access the shared media.

Cybercriminals are recognizing that the data that automotive companies have to offer - from customer and employee personal identifiable information to financial data - is invaluable. Paul Prudhomme, cyber-threat intelligence analyst at IntSights, warned in new Thursday research that automotive cyberattacks are on the rise - whether they're aimed at intellectual property theft or bent on delivering ransomware.