Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

The White House chief of staff and his German counterpart met Tuesday amid a serious rift over allegations of US spying.
A large number of websites have been compromised by cybercriminals who are exploiting a recently patched security hole the popular MailPoet newsletter plugin for WordPress.
The cyber-crime crew was able to take over some 1,600 StubHub user accounts as part of their scheme, authorities said.
The attack used the Nuclear exploit kit, which is known for targeting vulnerabilities in Microsoft Internet Explorer and Oracle Java SE.
StubHub confirmed today it had been hit by cyber-attackers in a global operation
The US website of the Metro newspaper (metro.us), which serves an estimated 1 million visitors every month, has been compromised and abused to distribute a malware via the RIG exploit kit.
Non-profit organization Goodwill is investigating a possible data breach that might have impacted several of its stores across the United States.
New research from Palo Alto Networks shows that 419 scammers are evolving into attacking businesses.
SMS-based two-factor authentication (2FA) mechanisms used by banks to secure their customers' accounts have been bypassed by cybercriminals using a combination of malware, mobile apps, rogue DNS servers, and phishing sites, according to a report from Trend Micro.
A new file-encrypting piece of ransomware advertised on underground forums since mid-June is increasingly used by cybercriminals, a security expert reported.

FEATURES, INSIGHTS // Cybercrime

rss icon

Jon-Louis Heimerl's picture
Cybercrime “case studies” are always impersonal, right? Would you get more out of specific stories of individuals caught in the cross hairs instead of corporate entities?
Wade Williamson's picture
The most important aspect for us as security professionals is to realize that the man-in-the-browser is not going away, and to understand what exactly has made it so successful.
Mark Hatton's picture
So what does the World Cup have to do with cyber security? A great deal actually. Anytime there is a large-scale global event, there is a sharp spike in the number of cyber scams that are unleashed.
Tal Be'ery's picture
Defenders should use their "Strategic Depth" to mitigate attacks not on the perimeter but deeper within their network where they can leverage on their strategic advantage.
Wade Williamson's picture
In the same way we have watched APT techniques trickle down from nation-state actors to more opportunistic criminals, we should expect MitB to expand from financial services to all types of applications.
Jeffrey Carr's picture
The term “Tipping Point” is controversial because it has been so widely misused and loosely applied; two abuses that I often see in the cyber security marketplace.
Michael Callahan's picture
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Tal Be'ery's picture
The Target breach shows that APT attacks have commoditized and therefore should concern not only the government and defense industry, but probably every enterprise.