89Articles
9Categories
2024-04-03Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 4[−]
3 AprCritical Security Flaw Found in Popular LayerSlider WordPress PluginA critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from databases, such as password hashes. The flaw, designated as CVE-2024-2879, carries a CVSS score of 9.8 out of a maximum of 10.0. It has been describe…THEHACKERNEWS.COM
3 AprNew XZ Utils Backdoor Free Scanner to Detect Malicious ExecutablesA critical vulnerability has been discovered in XZ Utils, a widely used data compression tool across Unix-like operating systems, including Linux. This vulnerability, identified as CVE-2024-3094, involves a backdoor that could potentially allow unauthorized remote access, posing …GBHACKERS.COM
3 AprCVE and NVD – A Weak and Fractured Source of Vulnerability TruthMITRE is unable to compile a list of all new vulnerabilities, and NIST is unable to subsequently, and consequently, provide an enriched database of all vulnerabilities. What went wrong, and what can be done? The post CVE and NVD – A Weak and Fractured Source of Vulnerabilit…SECURITYWEEK.COM
3 Apr KEVGoogle Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic CompaniesGoogle has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies. The high-severity zero-day vulnerabilities are as follows - CVE-2024-29745 - An information disclosure flaw in the bootloader component…THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 23[−]
3 AprVulnerability Exposed Ibis Budget Guest Room Codes to Hackerssubmitted by Lanky_Pomegranate530 to cybersecurity 2 points | 0 comments https://www.hackread.com/ibis-budget-guest-room-codes-hacker-vulnerability/ Hackers Find Easy Access to Rooms at Ibis Budget Hotels!HACKREAD.COM
3 AprWhat is identity fabric immunity? Abstracting identity for better securityIdentity fabric immunity is an approach to managing identity in a complex infrastructure environment like hybrid cloud or multicloud. One eternal fact of life in software development is that complexity compounds. For the CISO, this truth is seen at work in the enterprise infrastr…CSOONLINE.COM
3 AprCISA Sounds Alarm on Deep-Seated Vulnerability in Linux ToolThe Cybersecurity and Infrastructure Security Agency issued an alert Friday warning of a previously unnoticed backdoor in a widely used Linux tool that compresses and encrypts files shared between parties.NEXTGOV.COM
3 AprPCI DSS explained: Requirements, fines, and steps to complianceWhat is PCI DSS? PCI DSS is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe. Companies can demonstrate that they’ve implemented the standard by meeting the reporting requirements la…CSOONLINE.COM
3 AprCyber Security Today, April 3, 2024 - New Linux vulnerability is found, and a must-read ransomware case studyThis episode reports on a data breach at OWASP, Google to delete data it collected in Incognito Mode, and moreCYBERSECURITYTODAY.LIBSYN.COM
3 Apr KEVGoogle Patches Exploited Pixel VulnerabilitiesGoogle patches 28 vulnerabilities in Android and 25 bugs in Pixel devices, including two flaws exploited in the wild. The post Google Patches Exploited Pixel Vulnerabilities appeared first on SecurityWeek .SECURITYWEEK.COM
3 AprPodcast: How to Read Leaked Datasets Like a Journalist - Micah Lee - 55 minutessubmitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/3cc125be-eed2-423d-bc22-4232c70ce6b0.png How to Read Leaked Datasets Like a Journalist ‘Hacks, Leaks, and Revelations’ is a how-to guide for everyone who’s curious about secrets. We live in …INFOSEC.PUB
3 AprGoogle Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2OwnGoogle pushes a new Chrome update to patch another zero-day vulnerability demonstrated at a hacking contest. The post Google Patches Chrome Flaw That Earned Hackers $42,500 at Pwn2Own appeared first on SecurityWeek .SECURITYWEEK.COM
3 AprAttack Surface Management vs. Vulnerability ManagementAttack surface management (ASM) and vulnerability management (VM) are often confused, and while they overlap, they’re not the same. The main difference between attack surface management and vulnerability management is in their scope: vulnerability management checks a list of know…THEHACKERNEWS.COM
3 AprUnpatched Vulnerabilities: The Most Brutal Ransomware Attack VectorWhile all ransomware attacks have negative outcomes, those that start by exploiting unpatched vulnerabilities have the greatest business impact.SOPHOS.COM
3 AprPixel Update Bulletin—April 2024 | Android Open Source ProjectA total of 24 vulnerabilities leading to elevation of privilege (EoP) and information disclosure were addressed in various Pixel components, and another was resolved in Qualcomm components.SOURCE.ANDROID.COM
3 AprIntroducing Sophos Managed Risk, Powered by TenableSophos Managed Risk combines vulnerability management technology from Tenable with Sophos’ threat expertise as a fully managed service.SOPHOS.COM
3 AprSecurity concerns could be holding back AI projects: ReportAccording to a new report, when implementing AI, 52% of organizations faced challenges with internal data quality. Moreover, 45% of organizations surveyed encountered unintended data exposures. “Unsurprisingly, data privacy and security were among the top concerns for organizatio…CSOONLINE.COM
3 AprGenAI: The next frontier in AI security threatsThreat actors aren’t attacking generative AI (GenAI) at scale yet, but these AI security threats are coming. That prediction comes from the 2024 X-Force Threat Intelligence Index. Here’s a review of the threat intelligence types underpinning that report. Cyber crimina…SECURITYINTELLIGENCE.COM
3 AprCritical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress SitesA critical SQL injection vulnerability in the LayerSlider WordPress plugin allows attackers to extract sensitive information. The post Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites appeared first on SecurityWeek .SECURITYWEEK.COM
3 AprGoogle fixes two Pixel zero-day flaws exploited by forensics firmsGoogle has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them. [...]BLEEPINGCOMPUTER.COM
3 AprGoogle fixes one more Chrome zero-day exploited at Pwn2OwnGoogle has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. [...]BLEEPINGCOMPUTER.COM
3 AprIvanti fixes VPN gateway vulnerability allowing RCE, DoS attacksIT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways. [...]BLEEPINGCOMPUTER.COM
3 AprAembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox ContestThe Leading Company for Securing Access Between Workloads Recognized for the Aembit Workload IAM Platform Aembit, the Workload Identity and Access Management (IAM) Company, has been named one of the Top 10 Finalists for the RSA Conference™ 2024 Innovation Sandbox contest for its …GBHACKERS.COM
3 AprUS and UK Partner to Align on AI Safety and Share ResourcesNations to Jointly Develop Evaluation Mechanisms and Risk Mitigation Guides The United States and the United Kingdom signed a landmark artificial intelligence agreement on Monday to work together to develop tests for the most advanced AI models and share research capabilities. Th…DATABREACHTODAY.CO.UK
3 AprUS government blames 2023 Exchange breach on ‘preventable’ security failures by MicrosoftThe US Department of Homeland Security (DHS) has issued a critical assessment of Microsoft’s security protocols in the wake of the summer 2023 Exchange Online breach , concluding that security failures within Microsoft created the conditions that allowed Chinese state-backed hack…CSOONLINE.COM
3 AprStrengthening cyber resiliency through collaborationAccording to the National Institute of Standards and Technology (NIST), cyber resilience is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.” Resilience f…CSOONLINE.COM
3 AprVeracode Promotes Brian Roche to CEO, Buys Longbow SecurityRoche Replaces Sam King, Who Joined Veracode in 2006 and Became CEO in 2019 Veracode tapped product leader Brian Roche as its next CEO and tasked him with helping secure the adoption of large language models and open-source software. The Boston-area application risk management ve…DATABREACHTODAY.CO.UK
📋 SECURITY BULLETINS 1[−]
3 AprCritical flaw in LayerSlider WordPress plugin impacts 1 million sitesA premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 4[−]
🔥 INCIDENT REPORTING 23[−]
3 AprDarkGate Malware Abusing Cloud Storage & SEO Following Delivery Over TeamsDarkGate loader delivery surged after the Qakbot takedown, with financially motivated actors like TA577 and ransomware groups (BianLian, Black Basta) using it to target financial institutions (US, Europe) for double extortion.  It establishes an initial foothold and deploys …GBHACKERS.COM
3 AprUpdate: INC Ransom Claims 'Cyber Incident' at UK City CouncilThe cybercriminals behind INC Ransom are claiming responsibility for the ongoing cybersecurity incident at Leicester City Council, according to a post caught by security researchers.THEREGISTER.COM
3 AprJackson County Missouri Ransomware Attack Impacts IT SystemsJackson County, Missouri, has become the latest victim of a ransomware attack, which has caused substantial disruptions within its Information Technology (IT) systems. This attack has highlighted the vulnerabilities in digital infrastructures and the cascading effects such disrup…GBHACKERS.COM
3 AprMispadu Trojan Targets Europe, Thousands of Credentials CompromisedThe banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy, Poland, and Sweden. Targets of the ongoing campaign include entities spanning finance, services, motor vehicle manufacturin…THEHACKERNEWS.COM
3 AprUnveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark DisruptionOur new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption.TRENDMICRO.COM
3 AprXZ Utils Backdoor Attack Brings Another Similar Incident to LightThe discovery of the XZ Utils backdoor reminds an F-Droid developer of a similar incident that occurred a few years ago. The post XZ Utils Backdoor Attack Brings Another Similar Incident to Light appeared first on SecurityWeek .SECURITYWEEK.COM
3 AprHackers disrupt Apex Legends esports tournament | Kaspersky official blogHackers breached esports players during the Apex Legends Global Series, forcing the tournament to be postponed. We explore how this could have been prevented, and offer protection solutions for gamers.KASPERSKY.COM
3 AprMissouri County Hit by RansomwareJackson County, Missouri, discloses ‘significant disruptions’ to IT systems, says ransomware attack likely at fault. The post Missouri County Hit by Ransomware appeared first on SecurityWeek .SECURITYWEEK.COM
3 AprMicrosoft’s Exchange Server Hack: Key Rotation Flaw Triggers BreachStorm-0558, a cyberespionage group affiliated with the People’s Republic of China, has reportedly compromised Microsoft Exchange mailboxes of 22 organizations and over 500 individuals between May and June 2023. This was done by using authentication tokens of accounts that w…GBHACKERS.COM
3 AprMissouri County Declares State of Emergency Amid Suspected Ransomware AttackThe systems confirmed inoperable include tax and online property payments, issuance of marriage licenses, and inmate searches. In response, the Assessment, Collection and Recorder of Deeds offices at all county locations were closed.ARSTECHNICA.COM
3 AprU.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based HackersThe U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year. The findings, released by the Depart…THEHACKERNEWS.COM
3 AprAT&T faces lawsuits over data breach affecting 73 million customersAT&T is facing multiple class-action lawsuits following the company's admission to a massive data breach that exposed the sensitive data of 73 million current and former customers. [...]BLEEPINGCOMPUTER.COM
3 AprNew Report Shows Phishing Links and Malicious Attachments Are The Top Entry Points of Cyber AttacksNew TTP attack data covering 2023 sheds much needed light on the threat actor and user actions that are putting organizations at the most risk.KNOWBE4.COM
3 AprAfter Ransomware Hits, County Declares State of EmergencyMissouri County Blames Ransomware for IT Outages; Special Election Not Disrupted The Missouri county of Jackson has declared a state of emergency after being hit by ransomware on the day of a special election. Officials said attackers didn't appear to have stolen any data and tha…DATABREACHTODAY.CO.UK
3 AprUS State Department investigates alleged theft of government dataThe U.S. Department of State is investigating claims of a cyber incident after a threat actor leaked documents allegedly stolen from a government contractor. [...]BLEEPINGCOMPUTER.COM
3 AprFeds Hit 2 Nursing Home Firms With 'Right of Access' FinesAlso: HHS Updates HIPAA Privacy Guidance on Patient Requests to Restrict PHI Access Federal regulators are continuing their crusade for healthcare firms to provide patients and their representatives with timely access to medical records when requested. HHS OCR recently hit two nu…DATABREACHTODAY.CO.UK
3 AprJackson County in state of emergency after ransomware attackJackson County, Missouri, is in a state of emergency after a ransomware attack took down some county services on Tuesday. [...]BLEEPINGCOMPUTER.COM
3 AprChilean hosting firm's VMware ESXi servers hit by new SEXi ransomwareChilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. [...]BLEEPINGCOMPUTER.COM
3 AprSurveyLama data breach exposes info of 4.4 million usersData breach alerting service Have I Been Pwned (HIBP) warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of 4.4 million users. [...]BLEEPINGCOMPUTER.COM
3 AprOmni Hotels confirms cyberattack behind ongoing IT outageOmni Hotels & Resorts has confirmed a cyberattack caused a nationwide IT outage that is still affecting its locations. [...]BLEEPINGCOMPUTER.COM
3 AprHosting firm's VMware ESXi servers hit by new SEXi ransomwareChilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. [...]BLEEPINGCOMPUTER.COM
3 AprUS State Department Investigating Hacking ClaimsNotorious Hacker Alleges They Stole Data From National Security Contractor The U.S. Department of State confirmed it’s investigating claims of a cyber incident after a notorious hacker known as IntelBroker posted on a publicly accessible hacking forum that they had leaked data be…DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 15[−]
3 AprISC Stormcast For Wednesday, April 3rd, 2024 https://isc.sans.edu/podcastdetail/8922, (Wed, Apr 3rd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
3 AprBeware of New Mighty Stealer That Takes Webcam Pictures & Capture CookiesA new menace has emerged that targets personal information with alarming precision. Dubbed the “Mighty Stealer,” this malicious software is designed to infiltrate devices and extract a wide range of sensitive data. The Mighty Stealer is a sophisticated malware that bo…GBHACKERS.COM
3 AprPodcast: The Cybersecurity Vault - episode #30, with guest Lisa Forte - 1 hoursubmitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/3a7fdc84-6ce7-4154-81a8-7e9f7c122ed7.png The Cybersecurity Vault - episode #30, with guest Lisa Forte . Effectively responding to cybersecurity crisis events is crucial, yet many organizatio…INFOSEC.PUB
3 AprClass-Action Lawsuit against Google’s Incognito ModeThe lawsuit has been settled : Google has agreed to delete “billions of data records” the company collected while users browsed the web using Incognito mode, according to documents filed in federal court in San Francisco on Monday. The agreement, part of a settlement …SCHNEIER.COM
3 AprThreat Actors Deliver Malware via YouTube Video Game CracksMany types of video games appear to be targeted to younger users including games popular with children, a group that is less likely to be able to identify malicious content and risky online behaviors.PROOFPOINT.COM
3 AprWhat are You Working on Wednesdaysubmitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.INFOSEC.PUB
3 AprScathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese HackCyber Safety Review Board, said “a cascade of errors” by Microsoft let state-backed Chinese cyber operators break into email accounts of senior U.S. officials. The post Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack appeared fi…SECURITYWEEK.COM
3 AprKnow Your Audience When Speaking to Security PractitionersHow can security practitioners make sense of the vendor landscape and separate those who talk a good game from those who can execute, perform, and solve real problems for enterprises? The post Know Your Audience When Speaking to Security Practitioners appeared first on SecurityWe…SECURITYWEEK.COM
3 AprPalo Alto Networks 2023 ESG Report — Securing Our Digital FuturePalo Alto Networks released our fiscal 2023 Environmental, Social and Governance (ESG) Report to share the progress we’ve made in the last year. The post Palo Alto Networks 2023 ESG Report — Securing Our Digital Future appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
3 AprNumber of Chinese Devices in US Networks Growing Despite BansAn analysis by Forescout shows 300,000 Chinese devices in the US, up 40% compared to the previous year, despite bans. The post Number of Chinese Devices in US Networks Growing Despite Bans appeared first on SecurityWeek .SECURITYWEEK.COM
3 AprMalicious App Impersonates McAfee to Distribute Malware Via Text and Phone CallsA trojanized version of the McAfee Security app is installing the Android banking Trojan “Vultur,” according to researchers at Fox-IT. The attackers are spreading links to the malicious app via text messages and phone calls.KNOWBE4.COM
3 AprMore Than Half of Organizations Plan to Adopt AI Solutions in Coming Year, Reports Cloud Security Alliance and Google Cloudsubmitted by Lanky_Pomegranate530 to cybersecurity 1 points | 0 comments https://www.darkreading.com/cloud-security/more-than-half-of-organizations-plan-to-adopt-ai-solutions-in-coming-year-according-to-cloud-security-alliance-and-google-cloud-reportDARKREADING.COM
3 AprGoogle Proposes Method for Stopping Multifactor RunaroundDevice Bound Session Credentials Tie Authentication Cookies to Specific Computers Google is prototyping a method to stymie hackers who get around multifactor security by stealing authentication cookies from desktops. Google says its proposal for cryptographically tying authentica…DATABREACHTODAY.CO.UK
3 AprMicrosoft still unsure how hackers stole MSA key in 2023 Exchange attackThe U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an …BLEEPINGCOMPUTER.COM
3 AprGet end-to-end protection with Microsoft’s unified security operations platform, now in public previewMicrosoft’s unified security operations platform is now in public preview. Read on for details of how a comprehensive approach to cybersecurity can benefit your security operations center. The post Get end-to-end protection with Microsoft’s unified security operations platf…MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE 3[−]
3 AprEarth Freybug Uses UNAPIMON for Unhooking Critical APIsThe adversarial collective is known to rely on a combination of living-off-the-land binaries (LOLBins) and custom malware to realize its goals. Also adopted are techniques like DLL hijacking and API unhooking.TRENDMICRO.COM
3 AprGoogle Chrome Beta Tests New DBSC Protection Against Cookie-Stealing AttacksGoogle on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against session cookie theft by malware. The prototype – currently tested against "some" Google Account users running Chrome Beta – is built with an a…THEHACKERNEWS.COM
3 AprSome things you can learn from SSH traffic, (Wed, Apr 3rd)This week, the SSH protocol made the news due to the now infamous xz-utils backdoor. One of my favorite detection techniques is network traffic analysis. Protocols like SSH make this, first of all, more difficult. However, as I did show in the discussion of SSH identification str…ISC.SANS.EDU
🎙️ PODCASTS 1[−]
3 AprSmashing Security podcast #366: Money-making bots, and Incognito isn’t privateGoogle says it is deleting the your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data? All this and much much more is discussed…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 15[−]
3 AprIndian government’s cloud spilled citizens’ personal data online for yearsThe Indian government has finally resolved a years-long cybersecurity issue that exposed reams of sensitive data about its citizens. A security researcher exclusively told TechCrunch he found at least hundreds of documents containing citizens’ personal information — includi…TECHCRUNCH.COM
3 AprVeracode Acquires Longbow Security to Help Organizations Reduce Application RiskThe acquisition marks the next exciting phase of Veracode, underscoring the company’s commitment to help organizations manage and reduce application risk across the growing attack surface.HELPNETSECURITY.COM
3 AprAgent Tesla Targeting United States and AustraliaOn the 7th of November 2023, an Agent Tesla campaign started against Australian organizations, and the same actor performed another campaign targeting mainly Australian entities.RESEARCH.CHECKPOINT.COM
3 AprIt’s Oh So Quiet (?): The Sophos Active Adversary Report for 1H 2024The latter half of 2023 found numerous fronts on which attackers failed to press ahead. Are defenders failing to take advantage?SOPHOS.COM
3 AprGoogle to Delete Billions of Browser Records to Settle ‘Incognito’ LawsuitGoogle will delete billions of data records as part of a settlement for a lawsuit that accused the tech giant of improperly tracking the web-browsing habits of users who thought they were browsing the internet privately.ABC7NEWS.COM
3 Apr‘The Manipulaters’ Improve Phishing, Still Fail at OpsecRoughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called "The Manipulaters," a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about th…KREBSONSECURITY.COM
3 AprHighly sensitive files mysteriously disappeared from EUROPOL headquartersThe disappearance of the personal files of EUROPOL officials poses a serious risk to the impacted individuals and the agency’s operations, including its investigations. EUROPOL notified the impacted individuals and the EDPS.SECURITYAFFAIRS.COM
3 Apr6 Prompts You Don't Want Employees Putting in Microsoft CopilotMicrosoft Copilot is a powerful asset for companies, but with it comes an increased risk of data exposure. In this article, Varonis demonstrates prompt-hacking examples that can expose sensitive data. [...]BLEEPINGCOMPUTER.COM
3 AprSecurity Pioneer Ross Anderson Dies At 67PACKETSTORMSECURITY.COM
3 AprWhy a Cloud Security Platform Approach is CriticalExplore how a cybersecurity platform with attack surface management and runtime protection capabilities can enhance your cloud security posture.TRENDMICRO.COM
3 AprThe US or the UK: Where Should You Get a Cybersecurity Job?Differences in How the United States and United Kingdom Think About Cybersecurity The differences between working in cybersecurity in the U.K. and U.S. are not just a matter of accent or office culture; they are a study in how national security priorities, regulatory environments…DATABREACHTODAY.CO.UK
3 AprHow often should you change your passwords?And is that actually the right question to ask? Here’s what else you should consider when it comes to keeping your accounts safe.WELIVESECURITY.COM