Cybersecurity News
CISA Warns of Renewed Emotet Activity
The Emotet malware dropper is seeing an upsurge in new activity in the second half of 2020.07 October 2020
The New War Room: Cybersecurity in the Modern Era
The introduction of the virtual war room is a new but necessary shift. To ensure its success, security teams must implement new systems and a new approach to cybersecurity.07 October 2020
BAHAMUT Spies-for-Hire Linked to Extensive Nation-State Activity
Researchers uncovered a sophisticated, incredibly well-resourced APT that has its fingers in wide-ranging espionage and disinformation campaigns.
07 October 2020
Working from a hotel? Beware the dangers of public Wi‑Fi
As more and more hotels are turning rooms into offices, the FBI is warning remote workers of cyber-threats lurking in the shadows
The post Working from a hotel? Beware the dangers of public Wi‑Fi appeared first on WeLiveSecurity
07 October 2020
Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables
Google is rolling out 35 security fixes, and a new password feature, in Chrome 86 versions for Windows, Mac, Android and iOS users.
07 October 2020
Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M
September featured two stories on a phony tech investor named John Bernard, a pseudonym used by a convicted thief named John Clifton Davies who's fleeced dozens of technology companies out of an estimated $30 million with the promise of lucrative investments. Those stories prompted a flood of tips from Davies' victims that paint a much clearer picture of this serial con man and his cohorts, including allegations of hacking, smuggling, bank fraud and murder.07 October 2020
PoetRAT Resurfaces in Attacks in Azerbaijan Amid Escalating Conflict
Spear-phishing attacks targeting VIPs and others show key malware changes and are likely linked to the current conflict with Armenia.
07 October 2020
IRS COVID-19 Relief Payment Deadlines Anchor Convincing Phish
The upcoming deadlines for applying for coronavirus relief are the lure for a phish that gets around email security gateways by using a legitimate SharePoint page for data-harvesting.
07 October 2020
Beware of ATM Cash-Outs
PCI SSC and ATMIA share guidance and information on protecting against ATM Cash-outs.
07 October 2020
Comcast TV Remote Hack Opens Homes to Snooping
Researchers disclosed the 'WarezTheRemote' attack, affecting Comcast's XR11 voice remote control.
07 October 2020
UK Department For Education fails to meet UK, GDPR data protection standards - with flying colors
A compulsory audit has revealed severe security failings and data management problems.07 October 2020
Hackers exploit Windows Error Reporting service in new fileless attack
The Kraken attack technique abuses WER to avoid detection.07 October 2020
GitLab patches Elasticsearch private group data leak bug
Public group projects made private were still searchable via an API.07 October 2020
ZeroFOX acquires Cyveillance threat intelligence business from LookingGlass
The deal focuses on improving threat intelligence features on the ZeroFOX platform.07 October 2020
US gov’t warns against paying off ransomware attackers
Companies facilitating ransomware payments run the risk of facing stern penalties for violating US regulations
The post US gov’t warns against paying off ransomware attackers appeared first on WeLiveSecurity
06 October 2020
Grindr’s Bug Bounty Pledge Doesn’t Translate to Security
At SAS@Home, Luta Security CEO Katie Moussouris stressed that bug bounty programs aren't a 'silver bullet' for security teams.
06 October 2020
New HEH botnet can wipe routers and IoT devices
The disk-wiping feature is present in the code but has not been used yet.06 October 2020
Male Chastity Device Comes with Massive Security Flaws
Smart sex toy vulnerable to hacks, researchers say -- which could expose users’ most sensitive bits (of data) to cybercriminals.
06 October 2020
Boom! Mobile Customer Data Lost to Fullz House/Magecart Attack
The Magecart spinoff group targeted the wireless service provider in an odd choice of victim.
06 October 2020
Women in Payments: Q&A with Diana Greenhaw
Protecting data is everyone’s responsibility, according to Diana Greenhaw who followed a nontraditional path into the security space. In this month’s blog series, Greenhaw explains why you don’t have to be an information technology expert to work in cybersecurity.
06 October 2020