Security News

Russia has put forward a draft convention to the United Nations ostensibly to fight cyber-crime. The proposal, titled "United Nations Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes," [PDF] calls for member states to develop domestic laws to punish a far broader set of offenses than current international rules recognize.

According to a new Sophos Home survey, forty-five percent of consumers say they're more at risk of being hit by an attack now than they were before the pandemic, and 61% believe their household could be the target of an attack in the next year. Many consumers are uninformed about online security.

Verifiable credentials provide a tamper-secure way for users to prove their identity online, without sacrificing their safety, privacy, or security during the process. Based on a new web standard approved by the W3C in 2019, verifiable credentials are the digital equivalents of the paper documents we carry in our wallets and use to prove who we are in the physical world.

NortonLifeLock announced that the Norton Security Universal Windows Platform app will be pre-installed on select new Lenovo laptop PCs. Expanding its collaboration of more than two decades, NortonLifeLock will help protect Lenovo's always-on, always-connected laptops, including the Yoga 5G, IdeaPad 5G and IdeaPad 4G LTE, bringing a trusted level of security to consumers. Last year, Lenovo paved the way for 5G-connected laptops with the introduction of the innovative Yoga 5G. Now, with the release of the mainstream IdeaPad 5G and IdeaPad 4G LTE models earlier this year, Lenovo expands consumers' options and access to the freedom of all-day, anywhere connectivity.

Criminals have hacked into a Gumtree-style website used for buying and selling firearms, making off with a 111,000-entry database containing partial information from a CRM product used by gun shops across the UK. The Guntrader breach earlier this week saw the theft of a SQL database powering both the Guntrader. Uk buy-and-sell website and its electronic gun shop register product, comprising about 111,000 users and dating between 2016 and 17 July this year.

Cognito launched Cognito Flow, a global identity verification and compliance system. Cognito Flow provides the full stack of online verification requirements for global business customers, including scanning and verifying passport and driver's license verifications, liveness checks, risk flags, and more, and can do it instantly across hundreds of countries.

Akamai is investigating an ongoing outage affecting many major websites and online services, including Steam, the PlayStation Network, Newegg, AWS, Amazon, Google, and Salesforce. While the company has already acknowledged the issue, pinning it on an Edge DNS service problem, Akamai is still trying to find the underlying cause behind the incident.

A new initiative aims to make it easier to report personal abuse and harassment within the information security industry - without the involvement of social media mobs. Respect in Security, launched today with support from Trend Micro's veep of security research Rik Ferguson, Lisa Forte, a partner at Red Goat Cyber Security and other notable folk from the UK infosec scene, aims to set up a "Vulnerability style" reporting scheme for infosec professionals to flag up harassment and abuse to abusers' employers.

A new initiative aims to make it easier to report personal abuse and harassment within the information security industry - without the involvement of social media mobs. Respect in Security, launched today with support from Trend Micro's veep of security research Rik Ferguson, Lisa Forte, a partner at Red Goat Cyber Security and other notable folk from the UK infosec scene, aims to set up a "Vulnerability style" reporting scheme for infosec professionals to flag up harassment and abuse to abusers' employers.

An ongoing worldwide campaign is pushing new malware dubbed MosaicLoader advertising camouflaged as cracked software via search engine results to infect wannabe software pirates' systems. MosaicLoader is a malware downloader designed by its creators to deploy more second-stage payloads on infected systems, as Bitdefender researchers revealed in a report published today and shared with BleepingComputer last week.