Cybersecurity News
CISA Warns of Renewed Emotet Activity
The Emotet malware dropper is seeing an upsurge in new activity in the second half of 2020.The New War Room: Cybersecurity in the Modern Era
The introduction of the virtual war room is a new but necessary shift. To ensure its success, security teams must implement new systems and a new approach to cybersecurity.BAHAMUT Spies-for-Hire Linked to Extensive Nation-State Activity

Working from a hotel? Beware the dangers of public Wi‑Fi
As more and more hotels are turning rooms into offices, the FBI is warning remote workers of cyber-threats lurking in the shadows
The post Working from a hotel? Beware the dangers of public Wi‑Fi appeared first on WeLiveSecurity
Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables

Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M
September featured two stories on a phony tech investor named John Bernard, a pseudonym used by a convicted thief named John Clifton Davies who's fleeced dozens of technology companies out of an estimated $30 million with the promise of lucrative investments. Those stories prompted a flood of tips from Davies' victims that paint a much clearer picture of this serial con man and his cohorts, including allegations of hacking, smuggling, bank fraud and murder.PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict

IRS COVID-19 Relief Payment Deadlines Anchor Convincing Phish

Beware of ATM Cash-Outs
PCI SSC and ATMIA share guidance and information on protecting against ATM Cash-outs.
Comcast TV Remote Hack Opens Homes to Snooping

UK Department For Education fails to meet UK, GDPR data protection standards - with flying colors
A compulsory audit has revealed severe security failings and data management problems.Hackers exploit Windows Error Reporting service in new fileless attack
The Kraken attack technique abuses WER to avoid detection.GitLab patches Elasticsearch private group data leak bug
Public group projects made private were still searchable via an API.ZeroFOX acquires Cyveillance threat intelligence business from LookingGlass
The deal focuses on improving threat intelligence features on the ZeroFOX platform.US gov’t warns against paying off ransomware attackers
Companies facilitating ransomware payments run the risk of facing stern penalties for violating US regulations
The post US gov’t warns against paying off ransomware attackers appeared first on WeLiveSecurity
Grindr’s Bug Bounty Pledge Doesn’t Translate to Security

New HEH botnet can wipe routers and IoT devices
The disk-wiping feature is present in the code but has not been used yet.Male Chastity Device Comes with Massive Security Flaws

Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack

Women in Payments: Q&A with Diana Greenhaw
Protecting data is everyone’s responsibility, according to Diana Greenhaw who followed a nontraditional path into the security space. In this month’s blog series, Greenhaw explains why you don’t have to be an information technology expert to work in cybersecurity.