The recent compromise of the networks of several companies via the abuse of a remote access tool used by MSPs exemplifies why state-aligned threat actors should be on the radars of IT service providers The post APTs target MSP access to customer networks – Week in security with Tony Anscombe appeared first on WeLiveSecurity
Don’t torture people with exceedingly complex password composition rules but do blacklist commonly used passwords, plus other ways to help people help themselves – and your entire organization The post Creating strong, yet user‑friendly passwords: Tips for your business password policy appeared first on WeLiveSecurity
It’s all fun and games until someone gets hacked – here’s what to know about, and how to avoid, threats lurking on the social media juggernaut The post Using Discord? Don’t play down its privacy and security risks appeared first on WeLiveSecurity
A quick dive into the murky world of cyberespionage and other growing threats facing managed service providers – and their customers The post APT groups muddying the waters for MSPs appeared first on WeLiveSecurity
As all things (wrongly called) AI take the world’s biggest security event by storm, we round up of some of their most-touted use cases and applications The post RSA Conference 2023 – How AI will infiltrate the world appeared first on WeLiveSecurity [#item_link]
ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software The post Evasive Panda APT group delivers malware via updates for popular Chinese software appeared first on WeLiveSecurity [#item_link]
Many routers that are offered for resale contain sensitive corporate information and allow third-party connections to corporate networks The post Did you mistakenly sell your network access? – Week in security with Tony Anscombe appeared first on WeLiveSecurity [#item_link]
Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack The post Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack appeared first on WeLiveSecurity [#item_link]
The importance of understanding – and prioritizing – the privacy and security implications of large language models like ChatGPT cannot be overstated The post What was hot at RSA Conference 2023? – Week in security with Tony Anscombe appeared first on WeLiveSecurity [#item_link]
Enlarge (credit: Thomas Trutschel / Contributor | Photothek) Since late 2022, Mastodon has increasingly become a popular alternative to Twitter for millions of users. This is partly because its CEO and founder, Eugen Rochko, has emphasized that the decentralized social network—which operates as a non-profit—will never be bought by a chaotic billionaire. However, some would-be
