Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

A newly detailed attack method leverages Microsoft Word documents to gather information on users, but doesn’t use macros, exploits or any other active content to do so. [Read More]
More than 2 million users are estimated to have downloaded a maliciously modified version of a software utility owned by antivirus firm Avast. [Read More]
Equifax shares more details about the breach and how it was discovered by the company [Read More]
A newly discovered Android malware that managed to infect at least 50 applications in Google Play has been downloaded between 1 million and 4.2 million times, Check Point researchers warn. [Read More]
A recently malware attack has been leveraging the Hangul Word Processor (HWP) word processing application and its ability to run PostScript code. [Read More]
While the data stolen in the Equifax hack might be up for sale, scammers have also set up websites offering the data [Read More]
Senator Mark Warner has called for a federal investigation of credit rating agency Equifax after the company lost the personal data of 143 million customers to hackers. [Read More]
Content delivery networks (CDNs) are being increasingly abused to spread malware, courtesy of standards that allow the download and execution of payloads on the victims’ computers, ESET warns. [Read More]
Equifax confirms that an Apache Struts vulnerability exploited in the wild since March has been used to breach its systems [Read More]
DHS orders government agencies to stop using Kaspersky products due to concerns about the company’s ties to Russian intelligence [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Alastair Paterson's picture
The emergence of decentralized marketplaces within the criminal ecosystem poses significant challenges for law enforcement agencies and private security vendors.
Jack Danahy's picture
Awareness is not enough. Companies also need to dedicate themselves to protecting users and eliminating the blind spots caused by unpatched systems and a lack of strong endpoint protection.
Alastair Paterson's picture
As the opportunity for payment card fraud grows, it’s safe to assume that more cybercriminals will take advantage of new, sophisticated online courses to get a piece of the pie.
Ting-Fang Yen's picture
The attackers may be looking for the path of least resistance, but there is no shortcut to securing your platform.
Oliver Rochford's picture
The lifting of certain sanctions may provide an alternative incentive to limit certain types of cyberwar activity.
Josh Lefkowitz's picture
While President Trump’s executive order has laid an impressive and hopeful foundation for a more secure nation, its focus on bolstering federal defenses against large-scale cyber attacks and nation-state cyber threats is still too narrow.
Alastair Paterson's picture
There’s a great deal of intelligence organizations can find on the deep and dark web, but it's important to remember that criminal activity isn’t limited to the dark web.
Josh Lefkowitz's picture
Most threat intel teams haven’t been conditioned to maintain a comprehensive understanding of how geopolitical factors can influence, emergent strains of malware, insider threats, or supply chain security vulnerabilities.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Travis Greene's picture
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.