Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

A new variant of the Citadel Trojan is designed to capture keystrokes in an effort to obtain the passwords that protect access to authentications solutions and password managers.
A new paper takes a look at the prices for cyber-criminal services in the Brazilian underground.
Researchers at Trend Micro have spotted a campaign in which attackers abuse advertising networks and the Flashpack exploit kit in an effort to distribute various pieces of malware.
A new variant of the Matsnu Trojan uses a Domain Generation Algorithm that generates 24-character domain names based on a combination of nouns and verbs (noun-verb-noun-verb).
TRUSTe agreed to pay $200,000 as part of a settlement with FTC, which accused the company of failing to conduct annual re-certifications for some customers, and facilitating misrepresentation as a non-profit entity.
Security experts are warning Steam users about a piece of malware that is being distributed by cybercriminals via the entertainment platform's chat feature.
According to a report from Arxan Technologies, hacked versions of 97% of the top 100 paid Android apps and 87% of the top 100 paid Apple iOS apps appear in unofficial app stores and app distribution sites.
The U.S. State Department has shut down an unclassified network and email system in response to suspicious activity recently detected by the government.
Three individuals suspected of being involved in the creation and distribution of a recently uncovered piece of malware referred to as "WireLurker" have been arrested and charged, the Beijing Municipal Bureau of Public Security said on Friday.
Security experts share their thoughts on the "Darkhotel" espionage campaign and provide recommendations for executives who travel a lot and don't want sensitive corporate information to end up in the hands of cyber spies.

FEATURES, INSIGHTS // Cybercrime

rss icon

David Holmes's picture
In 2011, Twitter began encrypting all information between the (mostly) mobile endpoints and their own servers. This made it more difficult for monitoring agencies to determine a mobile user’s Twitter profile, and thereby that user’s follow list. More difficult, but not impossible.
James McFarlin's picture
Does a dangerous threat lie with ISIS’s possible use of cyber weapons against American critical infrastructure, financial system or other targets? Will such attacks be attempted and do the capabilities exist within ISIS to do so?
James McFarlin's picture
Creative disruption, where a paradigm shift in thinking replaces an existing order, may be an elusive concept but its power as a driving force of human behavior cannot be denied.
Adam Firestone's picture
The time has come for the technology professions to demonstrate ethical maturity and adopt standards of ethical conduct to which we hold ourselves and our peers accountable.
Marc Solomon's picture
Malvertising underscores the need for an approach to security that addresses the full attack continuum. With ongoing visibility and control, and intelligent and continuous updates, security professionals can take action to stop the inevitable outbreak.
James McFarlin's picture
One can only hope our nation’s alarm clocks wake up and stir our national leaders’ imaginations before a cyber incident of the magnitude of 9/11 results in the need for a “Cyber Strikes Commission Report.”
Jon-Louis Heimerl's picture
Cybercrime “case studies” are always impersonal, right? Would you get more out of specific stories of individuals caught in the cross hairs instead of corporate entities?
Wade Williamson's picture
The most important aspect for us as security professionals is to realize that the man-in-the-browser is not going away, and to understand what exactly has made it so successful.
Mark Hatton's picture
So what does the World Cup have to do with cyber security? A great deal actually. Anytime there is a large-scale global event, there is a sharp spike in the number of cyber scams that are unleashed.
Tal Be'ery's picture
Defenders should use their "Strategic Depth" to mitigate attacks not on the perimeter but deeper within their network where they can leverage on their strategic advantage.
view counter