Online Safety | Breaking Cybersecurity News | The Hacker News

The FBI is investigating the massive hack of Gawker Media. Reports indicate that FBI agents met with Gawker Media CEO Nick Denton on Monday following the hacking incident, which was claimed by a group called Gnosis. The Gawker website was paralyzed, temporarily forcing the gossip site to stop publishing. Hackers managed to access over 100,000 passwords and emails from the 1.3 million registered users. The site was forced to stop publishing on Sunday and sent emails to all registered users, urging them to change their passwords. According to reports, Gawker Media CEO Nick Denton admitted, "We're deeply embarrassed by this breach." Tips to Keep Your Passwords Safe Online Don't Use the Same Password for Everything Using one password for all your accounts is unsafe. If a hacker gets your password for one account, they can access all your online identities. Use Different Passwords for Different Accounts Create and use strong, unique passwords for your online banking, blogging, socia

Google has introduced a new security feature in its search engine to flag more web pages that might have been compromised by hackers. This new feature expands Google's long-standing program that marks websites hosting malicious software with a "This site may harm your computer" warning. Now, a new notation, "This site may be compromised," will indicate pages that may not be malicious but show signs that the site might not be fully controlled by its legitimate owner. This often happens when spammers add invisible links or redirects to unrelated websites, such as pharmacy sites. Additionally, Google will identify sites that have had phishing pages added by hackers. According to the Anti-Phishing Working Group, between 75% and 80% of phishing sites are legitimate sites that have been hacked and seeded with phishing kits to mimic trusted e-commerce and banking sites. It remains to be seen if Google can speed up the process of re-vetting sites flagged as compromised after th

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

Americans are nearly as likely to be victimized by Internet-based crime as by other forms of nonviolent theft. This perception emerges from a recent survey on crimes committed against individuals and their families. According to a Gallup Poll released Monday, 11% of American adults reported that they or a household member were victims of a computer or Internet crime on their home computers in the past year. This marks an increase from the previous seven years, where the percentage ranged between 6% and 8%. Gallup notes: "At 11 percent, computer/Internet-based crime is edging closer in reported frequency to the most common traditional forms of crime involving nonviolent theft of personal property and vandalism. Further, the increase is an exception in the overall crime picture, in that Americans' victimization reports have been fairly steady over the past several years. Not only has the overall percentage of Americans experiencing any type of crime been fairly flat, but Ameri

The Australian police have arrested a 33-year-old man accused of hacking into nearly 100 online accounts. The Australian Federal Police's high-tech crime unit has been monitoring the suspect since last September. This surveillance began when a local telecom company alerted the authorities to suspicious activity within its network. The man allegedly hacked into private and business Internet accounts, downloading data and engaging in other fraudulent activities. The suspect was arrested yesterday, and police confiscated his computer equipment. He now faces charges related to computer intrusion, including unauthorized access, modification, or impairment with intent to commit a serious offense. Neil Gaughan, the national manager of high-tech crime operations and assistant commissioner, stated that this arrest serves as a reminder for people to protect their online safety. "Anyone can be targeted by criminals online; it's important to be aware of the risks and take appropriate act

When Ben Franklin famously wrote, "An ounce of prevention is worth a pound of cure," he wasn't thinking about cybercrime. Yet, in today's world of phishing, shoulder-surfing, and spyware, his advice is more relevant than ever. Unfortunately, some people will take advantage of any opportunity to rip you off. Just as you take precautions when handling cash, you should be vigilant when using credit or debit cards, whether in person or online. Tips for Protecting Your Account Information and Avoiding Payment Card Scams Prevent Online Intrusions Use updated anti-virus and anti-spyware software. Only download information from trusted sites, and don't click on pop-up windows or suspicious links in emails. These can be tricks to install spyware, which can record your keystrokes to steal account or other confidential information. Use Secure Websites When purchasing items online, look for safety symbols like the padlock icon in the browser's status bar, an "s" after "http" in the U

Criminals are posing as IT support staff, calling unsuspecting U.K. internet users to push rogue antivirus software. GetSafeOnline.org reports this as part of their Internet safety week campaign. These scam operations often involve up to 400 people using sales techniques and social engineering to deceive victims. The goal is to obtain credit card information through the sale of rogue antivirus software or gain remote access to the victim's system for future use. Typically, the scam begins with an unexpected call. The caller, pretending to be an IT helpdesk technician, builds rapport with the victim, presenting themselves as trustworthy by using personal information available online. The victim is then questioned about computer problems like slow email or internet browsing. Once the victim admits to an issue, the caller exaggerates the problem and offers a solution for a small fee. The caller might say, "For a small fee, we can install something to fix your system and clean it co

Attackers are targeting people searching for last-minute Halloween costume ideas, reported CyberDefender on Oct. 29. The Internet security vendor, along with other firms like Blue Coat and BitDefender, warned users about the dangers of searching online for Halloween-related topics. "Popular search terms have always been a target for cyber-criminals," said Achal Khetarpal, director of CyberDefender Research Labs. CyberDefender identified a fake anti-virus Trojan downloader infecting pages related to Halloween costume searches. When users visit these pages, the fake anti-virus installer hijacks the user's web browser and initiates a malicious process, making the PC sluggish and exposing personal data. One form of this attack, identified by Panda Labs, displays a fake video player page and prompts users to download a codec to play the video. "Popular search terms reflect current user interests, making them lucrative targets," Khetarpal explained. Criminals create p

Canada released its Cybersecurity Strategy this month, emphasizing the immense challenge of protecting government and corporate computer systems. "There is no simple way to detect, identify, and recover from attackers who cannot be seen or heard, who leave no physical evidence behind them, and who hide their tracks through a complex web of compromised computers." The $90 million (Canadian) strategy focuses on three main areas: Secure government systems : The government will implement the necessary structures, tools, and personnel to fulfill its cybersecurity obligations. Create partnerships to secure non-governmental systems : In cooperation with provincial and territorial governments and the private sector, the government will support initiatives to enhance Canada's cyber resiliency, particularly in critical infrastructure sectors. Help Canadians be secure online : The government will provide Canadians with the information they need to protect themselves and their fami