Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

An international cybercrime operation that targeted money transfer services throughout Europe was taken down this week in a joint operation involving law enforcement agencies in Europe.
A new variant of the PushDo malware has already infected tens of thousands of computers across the globe, researchers from Bitdefender reported.
Andrei Sergejev, who admitted stealing personal information and creating fake identification documents has been sentenced to prison.
A trade association representing service providers and suppliers in the telecom industry, has warned consumers about an increase in the number of scams that rely on caller ID spoofing.
Law enforcement officials have asked Congress to consider legislation that would give them more tools to go after the botnet operators.
NIST's VCAT committee released a report this week calling for the organization to reach out to outside experts and be cautious about relying on the NSA during the development of crypto standards.
Solutionary found that Amazon Web Services (AWS) continues to be responsible for hosting most malware.
According to Arbor Networks, the first six months of 2014 saw the most volumetric DDoS attacks ever, with more than 100 events of more than 100 GB/sec reported.
Security website Abuse.ch announced the creation of a blacklist containing SSL certificates that are known to be associated with malware and botnet activities such as command and control (C&C) traffic.
Russian President Vladimir Putin condemned the "hypocrisy" of Western countries who use cyber-espionage to eavesdrop on leaders, and called for an international campaign to combat the problem.

FEATURES, INSIGHTS // Cybercrime

rss icon

Wade Williamson's picture
The most important aspect for us as security professionals is to realize that the man-in-the-browser is not going away, and to understand what exactly has made it so successful.
Mark Hatton's picture
So what does the World Cup have to do with cyber security? A great deal actually. Anytime there is a large-scale global event, there is a sharp spike in the number of cyber scams that are unleashed.
Tal Be'ery's picture
Defenders should use their "Strategic Depth" to mitigate attacks not on the perimeter but deeper within their network where they can leverage on their strategic advantage.
Wade Williamson's picture
In the same way we have watched APT techniques trickle down from nation-state actors to more opportunistic criminals, we should expect MitB to expand from financial services to all types of applications.
Jeffrey Carr's picture
The term “Tipping Point” is controversial because it has been so widely misused and loosely applied; two abuses that I often see in the cyber security marketplace.
Michael Callahan's picture
While attackers are constantly improving their evasion tactics to extend the lifetime of their malware, users can also leverage these types of evasion tactics to help prevent malware infection in the first place.
Marc Solomon's picture
Many continue to click on links or attachments sent via email without taking any steps to verify the origin of the email or the validity of the link or attachment. It only takes one click to for an attacker to establish a foothold in the target’s systems.
Danelle Au's picture
Trying to defend against modern, advanced attacks with one-off point solutions is like playing a whack-a-mole game, always one step behind the attacker and trying to play catch up with the alerts as they’re received.
Tal Be'ery's picture
The Target breach shows that APT attacks have commoditized and therefore should concern not only the government and defense industry, but probably every enterprise.
Wade Williamson's picture
If criminals can’t use or sell stolen data without being caught, then the data quickly becomes worthless. As a result it’s critical to understand what happens to data after a breach.