Cybercrime

NEWS & INDUSTRY UPDATES

Czech President Milos Zeman has alleged that hackers based in the US state of Alabama put child pornography on one of his computers in 2016.
A hacker gained access to the names, dates of birth and SSNs of job seekers in 10 U.S. states after breaching the systems of America’s JobLink (AJL).
Security researcher Christopher Truncer released a WMI-based agentless post-exploitation RAT that he developed in PowerShell.
WikiLeaks releases documents describing Apple device hacking tools used by the CIA. Most require physical access to the targeted device.
A remote code execution (RCE) vulnerability in SAP GUI exposes unpatched systems to malware attacks such as ransomware, ERPScan security researchers warn.
Cybercriminals have been using a macro-enabled Word document that can be used to infect both macOS and Windows machines with malware.
US federal prosecutors suspect the North Korean government directed last year's theft of $81 million from Bangladesh's account at the New York Federal Reserve Bank, according to a media report Wednesday.
Google and Jigsaw have launched a set of free tools designed to help different types of organizations defend against common types of digital attacks.
China-linked threat group Winnti has been abusing GitHub for C&C communications for PlugX and a new backdoor.
A Lithuanian man has been indicted in the United States for convincing two U.S.-based Internet companies to wire over $100 million to bank accounts he controlled as part of an email fraud scheme.

FEATURES, INSIGHTS // Cybercrime

Scott Simkin
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Alastair Paterson
A recent look at insider trading on the dark web shows how underground operators use OPSEC to protect their businesses.
Jack Danahy
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.
Lance Cottrell
In addition to basic credit monitoring, breached companies need to get ahead of the attacks and start providing security solutions that actually protect the victims before they are victimized again.
Adam Meyer
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Alastair Paterson
It’s natural to think that their adversaries are all financially motivated, but many are not. In 2016 we saw drivers like hacktivism, ideological differences and intelligence gathering also motivating attacks.
Jack Danahy
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Josh Lefkowitz
It’s critical to recognize that there will always be virtual ways in which terrorists and other criminals can create threats that no border process or physical security program can stop.
Alastair Paterson
It’s fairly typical for bad actors to escalate extortion-based campaigns during seasonal events when the stakes for targets are high.