Future Tense is a partnership of Slate, New America, and Arizona State University that examines emerging technologies, public policy, and society.

After the National Bank of Blacksburg in Virginia suffered two data breaches—one in 2016 and one in 2017—executives must have been pleased that they had planned ahead and purchased cyberinsurance to cover exactly these types of incidents…

https://slate.com/technology/2018/07/cyberinsurance-company-refuses-to-pay-out-full-amount-to-bank-after-hacking.html

Google really, really wants you to use physical security keys to protect yourself from hackers. After announcing that its 85,000 employees have managed to go more than a year without getting phished because of mandated security devices, Google now has its own physical security key to sell you…

https://gizmodo.com/google-wants-you-to-use-physical-security-keys-so-bad-i-1827871604

Spear Phishing is a targeted form of phishing attack where attackers acquire useful information about the victim through research, social engineering and other means. Unlike the phishing attack, the spear phishing attack is more powerful since it is built around information gathered about a specific group or individuals. The attackers behind spear phishing are sometimes able t0 spoof an email address, creating customised email subjects and content to aid in tricking the individuals to open an attachment or click links containing malicious code to be executed in the background…

https://latesthackingnews.com/2018/07/22/what-are-spear-phishing-attacks/

Thousands of credentials for accounts associated with New Zealand-based file storage service Mega have been published online, ZDNet has learned.

The text file contains over 15,500 usernames, passwords, and files names, indicating that each account had been improperly accessed and file names scraped…

https://www.zdnet.com/article/thousands-of-mega-logins-dumped-online-exposing-user-files/

A sophisticated mobile malware campaign is gaining access to iPhones by tricking users to download an open-source mobile device management (MDM) software package.

Once in control, the unidentified hackers can steal various forms of sensitive information from infected devices, including the phone number, serial number, location, contact details, user’s photos, SMS, and Telegram and WhatsApp chat messages.

Thirteen users — all in India — have been been compromised in the attacks, which have been detailed by Cisco Talos. Those infected use a range of iPhone models and are running iOS versions ranging from 10.2.1 to 11.2.6. The campaign has been active since August 2015…

https://www.zdnet.com/article/hacking-campaign-targets-iphone-users-with-data-stealing-location-tracking-malware/