Western Digital Hit by Network Security Breach - Critical Services Disrupted!

Data storage devices maker Western Digital on Monday disclosed a "network security incident" that involved unauthorized access to its systems. The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a "number of the company's systems." Following the discovery of the hack, Western Digital said it has initiated incident response efforts and enlisted

Spring into action and tidy up your digital life like a pro

Spring is in the air and as the leaves start growing again, why not breathe some new life into the devices you depend on so badly?

The post Spring into action and tidy up your digital life like a pro appeared first on WeLiveSecurity

Why you should spring clean your home network and audit your backups

Do you know how many devices are connected to your home network? You don’t? This is precisely why it’s time for a network audit.

The post Why you should spring clean your home network and audit your backups appeared first on WeLiveSecurity

What are the cybersecurity concerns of SMBs by sector?

Some sectors have high confidence in their in-house cybersecurity expertise, while others prefer to enlist the support of an external provider to keep their systems and data secured

The post What are the cybersecurity concerns of SMBs by sector? appeared first on WeLiveSecurity

Safety first: 5 cybersecurity tips for freelance bloggers

The much-dreaded writer’s block isn’t the only threat that may derail your progress. Are you doing enough to keep your blog (and your livelihood) safe from online dangers?

The post Safety first: 5 cybersecurity tips for freelance bloggers appeared first on WeLiveSecurity

DFIR via XDR: How to expedite your investigations with a DFIRent approach

Rapid technological evolution requires security that is resilient, up to date and adaptable. In this article, we will cover the transformation in the field of DFIR (digital forensics and incident response) in the last couple years, focusing on the digital forensics' aspect and how XDR fits into the picture. Before we dive into the details, let's first break down the main components of DFIR and

RSA Conference 2023 – How AI will infiltrate the world

As all things (wrongly called) AI take the world’s biggest security event by storm, we round up of some of their most-touted use cases and applications

The post RSA Conference 2023 – How AI will infiltrate the world appeared first on WeLiveSecurity

Wanted Dead or Alive: Real-Time Protection Against Lateral Movement

Just a few short years ago, lateral movement was a tactic confined to top APT cybercrime organizations and nation-state operators. Today, however, it has become a commoditized tool, well within the skillset of any ransomware threat actor. This makes real-time detection and prevention of lateral movement a necessity to organizations of all sizes and across all industries. But the disturbing truth

APT groups muddying the waters for MSPs

A quick dive into the murky world of cyberespionage and other growing threats facing managed service providers – and their customers

The post APT groups muddying the waters for MSPs appeared first on WeLiveSecurity

Creating strong, yet user‑friendly passwords: Tips for your business password policy

Don’t torture people with exceedingly complex password composition rules but do blacklist commonly used passwords, plus other ways to help people help themselves – and your entire organization

The post Creating strong, yet user‑friendly passwords: Tips for your business password policy appeared first on WeLiveSecurity

Your Twitter Feed Sucks Now. These Free Add-Ons Can Help

A  few simple tools can help filter out most Twitter Blue users (but still see the ones you like).

Western Digital Confirms Customer Data Stolen by Hackers in March Breach

Digital storage giant Western Digital confirmed that an "unauthorized third party" gained access to its systems and stole personal information belonging to the company's online store customers. "This information included customer names, billing and shipping addresses, email addresses and telephone numbers," the San Jose-based company said in a disclosure last week. "In addition, the database

How the war in Ukraine has been a catalyst in private‑public collaborations

As the war shows no signs of ending and cyber-activity by states and criminal groups remains high, conversations around the cyber-resilience of critical infrastructure have never been more vital

The post How the war in Ukraine has been a catalyst in private‑public collaborations appeared first on WeLiveSecurity

You may not care where you download software from, but malware does

Why do people still download files from sketchy places and get compromised as a result?

The post You may not care where you download software from, but malware does appeared first on WeLiveSecurity

Meet “AI”, your new colleague: could it expose your company’s secrets?

Before rushing to embrace the LLM-powered hire, make sure your organization has safeguards in place to avoid putting its business and customer data at risk

The post Meet “AI”, your new colleague: could it expose your company’s secrets? appeared first on WeLiveSecurity

Top 5 search engines for internet‑connected devices and services

A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet

The post Top 5 search engines for internet‑connected devices and services appeared first on WeLiveSecurity

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024. "This will support developers in conducting

Digital security for the self‑employed: Staying safe without an IT team to help

Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business

The post Digital security for the self‑employed: Staying safe without an IT team to help appeared first on WeLiveSecurity

5 Reasons Why Access Management is the Key to Securing the Modern Workplace

The way we work has undergone a dramatic transformation in recent years. We now operate within digital ecosystems, where remote work and the reliance on a multitude of digital tools is the norm rather than the exception. This shift – as you likely know from your own life – has led to superhuman levels of productivity that we wouldn't ever want to give up. But moving fast comes at a cost. And for

Cyber insurance: What is it and does my company need it?

While not a 'get out of jail free card' for your business, cyber insurance can help insulate it from the financial impact of a cyber-incident

The post Cyber insurance: What is it and does my company need it? appeared first on WeLiveSecurity

Passwords out, passkeys in: are you ready to make the switch?

With passkeys poised for prime time, passwords seem passé. What are the main benefits of ditching one in favor of the other?

The post Passwords out, passkeys in: are you ready to make the switch? appeared first on WeLiveSecurity

Avoid juice jacking and recharge your batteries safely this summer

Cybercriminals can use USB charging stations in airports, hotels, malls or other public spaces as conduits for malware

The post Avoid juice jacking and recharge your batteries safely this summer appeared first on WeLiveSecurity

Verizon 2023 DBIR: What’s new this year and top takeaways for SMBs

Here are some of the key insights on the evolving data breach landscape as revealed by Verizon’s analysis of more than 16,000 incidents

The post Verizon 2023 DBIR: What’s new this year and top takeaways for SMBs appeared first on WeLiveSecurity

The danger within: 5 steps you can take to combat insider threats

Some threats may be closer than you think. Are security risks that originate from your own trusted employees on your radar?

The post The danger within: 5 steps you can take to combat insider threats appeared first on WeLiveSecurity

India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users' Privacy First

The Indian President Droupadi Murmu on Friday granted assent to the Digital Personal Data Protection Bill (DPDPB) after it was unanimously passed by both houses of the parliament last week, marking a significant step towards securing people's information. "The Bill provides for the processing of digital personal data in a manner that recognizes both the rights of the individuals to protect their

How to Talk to Your Kids About Social Media and Mental Health

Here’s what the science really says about teens and screens—and how to start the conversation with young people of any age.

Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads

The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates. "This suggests that the threat actors are streamlining operations by making their techniques multipurpose," Trend Micro researchers said in a new analysis published this

Digital security for the self-employed: Staying safe without an IT team to help

Nobody wants to spend their time dealing with the fallout of a security incident instead of building up their business

What to know about the MOVEit hack – Week in security with Tony Anscombe

The US government has now announced a bounty of $10 million for intel linking the Cl0p ransomware gang to a foreign government

The good, the bad and the ugly of AI – Week in security with Tony Anscombe

The growing use of synthetic media and the difficulties in distinguishing between real and fake content raise a slew of legal and ethical questions

What’s up with Emotet?

A brief summary of what happened with Emotet since its comeback in November 2021

Deepfake Porn Is Out of Control

New research shows the number of deepfake videos is skyrocketing—and the world's biggest search engines are funneling clicks to dozens of sites dedicated to the nonconsensual fakes.

U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown

The U.S. Department of the Treasury imposed sanctions against a 37-year-old Russian woman for taking part in the laundering of virtual currency for the country's elites and cybercriminal crews, including the Ryuk ransomware group. Ekaterina Zhdanova, per the department, is said to have facilitated large cross border transactions to assist Russian individuals to gain access to Western financial

CISA Has a New Road Map for Handling Weaponized AI

In its plans to implement a White House executive order, CISA aims to strike a balance between promoting AI adoption for national security and defending against its malicious use.

6 Steps to Accelerate Cybersecurity Incident Response

Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security teams must be able to stop threats and restore normal operations as quickly as possible. That’s why it’s essential that these teams not only have the right tools but also understand how to effectively

Four U.S. Nationals Charged in $80 Million Pig Butchering Crypto Scam

Four U.S. nationals have been charged for participating in an illicit scheme that earned them more than $80 million via cryptocurrency investment scams. The defendants – Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, Rosemead, California; and Hailong Zhu, 40, Naperville, Illinois – have been charged with conspiracy to commit money laundering,

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person, described as the “mastermind” behind the operation, was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider