Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

The Kremlin denied any official Russian involvement in cybercrimes after the US indicted two FSB intelligence agents over cyberattacks on Yahoo that compromised 500 million accounts. [Read More]
A newly discovered piece of ransomware that features a Star Trek-theme targets 625 file types and demands the ransom be paid in Monero, security researchers have discovered. [Read More]
A series "fileless attacks" previously attributed to two different threat attackers are now believed to have been carried out by the same actor, researchers say. [Read More]
The Association of British Travel Agents (ABTA) today informed users of a breach that may have affected up to 43,000 customers. [Read More]
With billions of stolen login credentials available on the dark web, bad bots are busy testing them against websites all over the globe. [Read More]
Newly observed ransomware campaigns are leveraging installer files from the Nullsoft Scriptable Install System (NSIS) to hide malicious code, Microsoft says. [Read More]
New Trojan dubbed Acronym is possibly linked to the malware family used in the Potao Express campaign [Read More]
The US government announced the indictment of four individuals charged with computer hacking, economic espionage and other offenses in connection with the 2014 breach of Yahoo, two of which are serving officers of the Russian Federal Security Service (FSB). [Read More]
Newly discovered "MajikPOS" point-of-sale (PoS) malware features a modular approach in execution is currently targeting businesses in North America. [Read More]
A newly observed ransomware family is leveraging the well-known Petya ransomware to encrypt user data, but modifies the malware “on the fly” to control its execution, Kaspersky Lab researchers discovered. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Torsten George's picture
While effective at curbing “petty crimes” such as credit skimming / cloning, EMV does not address more sophisticated cyber-attacks that target backend systems which contain card holders’ most sensitive information.
Joshua Goldfarb's picture
Let’s take a look at a few of the different ways in which people convince themselves that they do not need to understand the threat landscape they face and mitigate the risk it presents them with.
Adam Meyer's picture
Cyber threat intelligence is showing us is that most threats simply exploit a series of well-documented vulnerabilities and other weak points to move along the path of least resistance – and the most profit.
Alastair Paterson's picture
Although ransomware and DDoS attacks have captured the attention of the security industry of late, a surge in trojan variants targeting banks across geographies is catching many by surprise.
Alastair Paterson's picture
By being aware of the latest tactics, techniques and procedures (TTPs), organizations can understand how to mitigate damage and thwart cyber attacks during the holidays.
Josh Lefkowitz's picture
Entering the Deep & Dark Web also requires highly-advanced operations security and technical skills. Not only is gaining access to these online communities extremely difficult, it is risky.
Alastair Paterson's picture
This election cycle has shown that state actors may also believe that some data has more value if it is made public.
Alastair Paterson's picture
Employees who have reused corporate emails and passwords for personal use can put their employers at risk of account takeovers, credential stuffing and extortion attempts.
Scott Simkin's picture
While exploit kits are certainly contributing to the steady rise in the number of cyberattacks, in the end, the methods they use to infect endpoints and networks can be stopped provided the proper steps are taken.
Alastair Paterson's picture
Developing awareness about dual revenue attacks is the first step in preparing your organization to deal with these threats.