
Cybercrime

NEWS & INDUSTRY UPDATES

A recently discovered Hidden Tear ransomware offspring called "Karmen" is being sold on underground forums as a Ransomware-as-a-Service (RaaS), priced at just $175.
Company confirms cybercriminals used malware to steal payment card data from nearly 40 Shoney’s restaurants
Microsoft assures customers that the latest Shadow Brokers exploits have already been patched, including several with March updates
The author of a new piece of ransomware is selling their creation on underground forums as source code, Forcepoint security researchers have discovered.
Cerber, one of the most active malware families over the past year, has increased its share of the ransomware market to 87% in the first quarter of 2017.
Facebook disrupted an international fake account operation that was firing off inauthentic "likes" and bogus comments to win friends it would then pound with spam.
Malware used in targeted attacks in South Korea and Japan padded with junk data to evade detection - sample sizes range between 50 Mb and 200 Mb
Callisto is a threat actor that has spied on entities with an interest in foreign and security policy in Europe and South Caucasus
A Microsoft Office 0-day vulnerability (CVE-2017-0199) that was disclosed just days ago is already being exploited by attackers associated with malware families such as Latentbot and WingBird.
Tens of thousands of vulnerable routers have been hacked and abused to launch attacks on WordPress websites

FEATURES, INSIGHTS // Cybercrime

Alastair Paterson: It’s fairly typical for bad actors to escalate extortion-based campaigns during seasonal events when the stakes for targets are high.
Jack Danahy: The impact of ransomware has expanded from an IT nuisance to attacks that can shut down and potentially ruin the businesses they infect.
Torsten George: While effective at curbing “petty crimes” such as credit skimming / cloning, EMV does not address more sophisticated cyber-attacks that target backend systems which contain card holders’ most sensitive information.
Joshua Goldfarb: Let’s take a look at a few of the different ways in which people convince themselves that they do not need to understand the threat landscape they face and mitigate the risk it presents them with.
Adam Meyer: Cyber threat intelligence is showing us that most threats simply exploit a series of well-documented vulnerabilities and other weak points to move along the path of least resistance – and the most profit.
Alastair Paterson: Although ransomware and DDoS attacks have captured the attention of the security industry of late, a surge in trojan variants targeting banks across geographies is catching many by surprise.
Alastair Paterson: By being aware of the latest tactics, techniques and procedures (TTPs), organizations can understand how to mitigate damage and thwart cyber attacks during the holidays.
Josh Lefkowitz: Entering the Deep & Dark Web also requires highly-advanced operations security and technical skills. Not only is gaining access to these online communities extremely difficult, it is risky.
Alastair Paterson: This election cycle has shown that state actors may also believe that some data has more value if it is made public.
Alastair Paterson: Employees who have reused corporate emails and passwords for personal use can put their employers at risk of account takeovers, credential stuffing and extortion attempts.