
Cybercrime

NEWS & INDUSTRY UPDATES

Qatar said Wednesday its official state news agency had been hacked by an 'unknown entity', and subsequently carried false remarks attributed to the country's Emir, Sheikh Tamim bin Hamad Al-Thani.
The North Korea-linked Lazarus hacking group is "highly likely" to be responsible for the global "WannaCry" ransomware attacks, Symantec says.
Russian authorities dismantle cybercrime gang responsible for infecting 1 million Android phones with a banking Trojan and stealing nearly $900,000.
Most of the computers affected by the WannaCry ransomware outbreak were running Windows 7, security researchers have revealed.
WikiLeaks detailed Athena, malware developed by the CIA with a U.S. offensive-driven cybersecurity firm. The tool works on all versions of Windows.
Recent changes made to the Terror exploit kit (EK) allow it to fingerprint victims and target specific vulnerabilities instead of carpet bombing the victims with many exploits at the same time, Talos researchers discovered.
China systematically dismantled CIA spying efforts in China beginning in 2010, killing or jailing more than a dozen covert sources, in a deep setback to US intelligence there, according to a report.
North Korea on Friday angrily dismissed reports linking its isolated regime to the global cyberattack that held thousands of computers to virtual ransom.
In the aftermath of the WannaCry ransomware outbreak, security researchers discovered numerous attacks that have been abusing the same EternalBlue exploit for malware delivery over the past several weeks.
Some experts believe the WannaCry ransomware attacks don’t fit North Korea’s style and interests, despite malware code similarities.

FEATURES, INSIGHTS // Cybercrime

Scott Simkin: When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Alastair Paterson: A recent look at insider trading on the dark web shows how underground operators use OPSEC to protect their businesses.
Jack Danahy: Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.
Lance Cottrell: In addition to basic credit monitoring, breached companies need to get ahead of the attacks and start providing security solutions that actually protect the victims before they are victimized again.
Adam Meyer: While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Alastair Paterson: It’s natural to think that their adversaries are all financially motivated, but many are not. In 2016 we saw drivers like hacktivism, ideological differences and intelligence gathering also motivating attacks.
Jack Danahy: Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin: Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Josh Lefkowitz: It’s critical to recognize that there will always be virtual ways in which terrorists and other criminals can create threats that no border process or physical security program can stop.
Alastair Paterson: It’s fairly typical for bad actors to escalate extortion-based campaigns during seasonal events when the stakes for targets are high.