Cybersecurity News
Questions linger after IRS’s about‑face on facial recognition
Why would a tax agency contractor’s privacy policy mention collecting information about my Facebook friends?
The post Questions linger after IRS’s about‑face on facial recognition appeared first on WeLiveSecurity
BlackByte Tackles the SF 49ers & US Critical Infrastructure

Wazawaka Goes Waka Waka
In January, KrebsOnSecurity examined clues left behind by "Wazawaka," the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since "lost his mind" according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. In last month's story, we explored clues that led from Wazawaka's multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka's identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became "Orange," the founder of the ransomware-focused Dark Web forum known as "RAMP."‘Cities: Skylines’ Gaming Modder Banned Over Hidden Malware

Adobe: Zero-Day Magento 2 RCE Bug Under Active Attack

From the back office to the till: Cybersecurity challenges facing global retailers
How well retailers can manage the surge in cyberthreats may be crucial for their prospects in a post‑pandemic world
The post From the back office to the till: Cybersecurity challenges facing global retailers appeared first on WeLiveSecurity
Patch now: Adobe releases emergency fix for exploited Commerce, Magento zero-day
Adobe says the vulnerability is being used in attacks targeting Adobe Commerce users.Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa

Cybercrooks Frame Targets by Planting Fabricated Digital Evidence

Week in security with Tony Anscombe
New ESET Threat Report is out – How dark web services are moving to common apps and services – Leave romance scammers high and dry
The post Week in security with Tony Anscombe appeared first on WeLiveSecurity
Apple Patches Actively Exploited WebKit Zero Day

These cybercriminals plant criminal evidence on human rights defender, lawyer devices
There's more than one way to silence civil rights activists, it seems.When love hurts: Watch out for romance scams this Valentine’s Day
Don’t be the next victim – spot the signs of a faux romance in time and send that scammer ‘packing’
The post When love hurts: Watch out for romance scams this Valentine’s Day appeared first on WeLiveSecurity
Spanish police arrest suspects in SIM-swapping ring
Fraudsters used photocopies and stolen data to obtain duplicate SIM cards.$1.3 billion lost to romance scams in the past five years: FTC
Romance scams are reaching record-highs, regulators warn.Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares

Sharp SIM-Swapping Spike Causes $68M in Losses

SAP Patches Severe ‘ICMAD’ Bugs

SAP to Give Threat Briefing on Uber-Severe ‘ICMAD’ Bugs

The Threat of Ransomware Attacks
How the spike in ransomware attacks presents an urgent threat to the payment security community. On the blog, we cover basic questions with Lisa Plaggemier, Executive Director National Cybersecurity Alliance and PCI SSC Executive Director Lance Johnson about this growing threat to businesses across the U.S. and around the world and how to better protect yourself from this dangerous attack.