---

Treasury Releases Fraud and Money Mule ID Tips

A new advisory from FinCEN helps financial institutions spot illicit activities and actors.

---

Free decryptor available for ThiefQuest ransomware victims

ThiefQuest (EvilQuest) ransomware victims can now recover their encrypted files for free, without needing to pay the ransom demand.

---

Microsoft Seizes Domains Used in COVID-19-Themed Attacks

Court grants company's bid to shut down infrastructure used in recent campaigns against Office 365 users.

---

Drone Path Often Reveals Operator's Location

The threat posed by drones to critical infrastructure and other operational technology is made more serious by the inability of law enforcement to locate operators, researchers say.

---

Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud

Cosmic Lynx takes a sophisticated approach to business email compromise and represents a shift in tactics for Russian cybercriminals.

---

Framing the Security Story: The Simplest Threats Are the Most Dangerous

Don't be distracted by flashy advanced attacks and ignore the more mundane ones.

---

German authorities seize 'BlueLeaks' server that hosted data on US cops

BlueLeaks portal is now down. The website hosted 296 GB of files stolen from more than 200 US police departments and fusion training centers.

---

German authorities seize server that hosted data on US cops

BlueLeaks portal is now down. The website hosted 296 GB of files stolen from more than 200 US police departments and fusion training centers.

---

Cerberus Banking Trojan Unleashed on Google Play

The Cerberus malware can steal banking credentials, bypass security measures and access text messages.

---

Microsoft seizes six domains used in COVID-19 phishing operations

Hackers used malicious Office 365 apps to gain access to customer accounts, which they later used to orchestrate BEC attacks.

---

Attackers target critical flaw in popular networking gear

The vulnerability, which received the highest possible severity score, leaves thousands of devices at risk of being taken over by remote attackers. A patch is available.

The post Attackers target critical flaw in popular networking gear appeared first on WeLiveSecurity

---

Citrix Bugs Allow Unauthenticated Code Injection, Data Theft

Admins should patch their Citrix ADC and Gateway installs immediately.

---

'Keeper' hacking group behind hacks at 570 online stores

Hackers also accidentally leaked more than 184,000 stolen cards through an improperly secured backend server.

---

Applying the 80-20 Rule to Cybersecurity

How security teams can achieve 80% of the benefit for 20% of the work.

---

Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites

A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals.

---

Researchers learn how to pinpoint malicious drone operators

With high accuracy, it is now possible to trace drone operators that could be ill-wishers near protected airspace.

---

Energy company EDP confirms cyberattack, Ragnar Locker ransomware blamed

The energy firm denies the loss of customer data. Attackers claim to have stolen 10TB in business records.

---

First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered

Researchers warn that Cosmic Lynx targets firms that don't use DMARC and uses a "mergers and acquisitions" pretext that can lead to large sums of money being stolen.

---

Cerberus banking Trojan infiltrates Google Play

The malware was found buried within a seemingly-innocent currency converter.

---

Raising children in the social media limelight? Pause before you post

How (over)sharing your children’s triumphs and antics with the world may impact their immediate and distant future – and how to reduce the risks of ‘sharenting’

The post Raising children in the social media limelight? Pause before you post appeared first on WeLiveSecurity