Security News

NSO Group - sued by Facebook for developing Pegasus spyware that targeted WhatsApp users - this week claimed Facebook tried to license the very same surveillance software to snoop on its own social-media addicts. The Israeli spyware maker's CEO Shalev Hulio alleged in a statement [PDF] to a US federal district court that in 2017 he was approached by Facebook reps who wanted to use NSO's Pegasus technology in Facebook's controversial Onavo Protect app to track mobile users.

Many U.S. government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Here's a sobering statistic: According to PhishLabs, by the end of 2019 roughly three-quarters of all phishing sites were using SSL certificates.

Ransomware attacks are still happening, and more employees need to be trained on how to prevent them. TechRepublic's Karen Roby spoke with Rahul Kashyap, president and CEO of Awake Security, about the prevalence of ransomware and how to prevent it.

Ransomware attacks are still happening, and more employees need to be trained on how to prevent them.

DDoS attacks come in different sizes and types and it's not been revealed which methods were used beyond the fact the attacks lasted for hours. These days, DDoS attacks are not the potent weapon they once were, primarily because large websites are protected by a newer generation of defences trained on a number of large attacks, hijacking a widening range of protocols.

In an impeccable instance of horrible timing, the US government's Department of Health and Human Services says it fended off a cyberattack by online scumbags. The attack - presumably not a load of citizens hitting Uncle Sam's web servers looking for information - did not, we're told, have had any serious impact on operations, but with American's desperate for information about the coronavirus pandemic, the attempted takedown came at the worst possible time.

The U.S Department of Health and Human Services was the victim of a cyberattack on Sunday as the federal government attempts to deal with the coronavirus crisis, according to a report from Bloomberg. "The U.S. Health & Human Services fell victim to a Distributed Denial of Service attack yesterday when several endpoints controlled by a nation-state attacked their networks," Stephen Boyce, principal consultant at risk management and digital forensics firm Crypsis Group, said.

Three surveillance powers available to the U.S. government are set to temporarily expire Sunday after a trio of senators opposed a bipartisan House bill that would renew the authorities and impose new restrictions. The three senators, longtime critics of government surveillance, said the House bill would still give the government too much power to surveil Americans.

Despite recent revelations that the process by which the FBI and NSA gain approval for spying on US citizens is open to abuse, the US Congress is again planning to reauthorize the USA Freedom Act that gives those measures their legal foundation. The situation is similar to two years ago, when a group of senators fiercely opposed the reauthorization of another flawed spying program without significant reforms, but were defeated when it was attached to an end-of-year spending bill: something critics characterized as "An end-run around the Constitution."

The US needs a top-level cybersecurity coordinator and a better strategy of "Deterrence" to protect against hackers and other cyber threats, a congressionally mandated commission said Wednesday. The bipartisan panel which included lawmakers and private sector experts made more than 80 recommendations ranging from reforms in the executive and legislative branches to better cooperation with allies to secure cyberspace.