Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Researcher conducts detailed analysis of the two pieces of Mac malware delivered recently via Firefox zero-day vulnerabilities to cryptocurrency exchanges. [Read More]
A former congressional staffer was sentenced to four years in prison Wednesday after pleading guilty to illegally posting online the home addresses and telephone numbers of five Republican senators who backed Brett Kavanaugh’s Supreme Court nomination. [Read More]
U.S. military cyber forces launched a strike against Iranian military computer systems on as President Donald Trump backed away from plans for a more conventional military strike in response to Iran's downing of a U.S. surveillance drone, U.S. officials said. [Read More]
The United States launched cyber attacks against Iranian missile control systems and a spy network this week after Tehran downed an American surveillance drone, US media reported on Saturday. [Read More]
New crypto-currency mining malware is targeting systems running macOS, and works by emulating Linux, Malwarebytes security researchers have discovered. [Read More]
Canada's Desjardins credit union announced Thursday that the personal banking information of 2.9 million customers had been stolen by an employee and distributed to outside parties. [Read More]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert on a phishing campaign using attachments that impersonate the Department of Homeland Security (DHS). [Read More]
Mozilla has patched a second Firefox zero-day vulnerability exploited by hackers to deliver Mac malware to cryptocurrency exchanges. [Read More]
An attack by a Russian hacking group used the infrastructure belonging to the Iran-linked espionage group known as OilRig, indicating a possible hostile takeover of their servers. [Read More]
The recently patched Firefox zero-day vulnerability (CVE-2019-11707) has been exploited to deliver Windows and Mac malware to cryptocurrency exchanges. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Josh Lefkowitz's picture
In order to make threat intelligence more accessible and effective for more fraud teams, it’s important for vendors and practitioners alike to recognize and debunk some misconceptions.
Josh Lefkowitz's picture
it’s crucial to remember that accessing and obtaining DDW data safely and effectively in support of an intelligence operation requires highly specific skills and infrastructure that, unfortunately, not all vendors possess.
Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Grady Summers's picture
The 2020 elections will be hotly contested, and the integrity of the election will need to be beyond repute to ensure citizens confidence in a free and fair election.
Josh Lefkowitz's picture
Online "card shops" can be invaluable resources for those seeking to better understand and combat fraud and cybercrime.
Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Josh Lefkowitz's picture
The abundance of compromised card data and other assets available online continues to hinder the fight against card-not-present (CNP) fraud.
Alastair Paterson's picture
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
Stan Engelbrecht's picture
The current state of automated teller machine (ATM) security is far from optimal, but the unique security challenges around ATMs make improvements difficult.
Justin Fier's picture
Against the ongoing backdrop of cyber conflict between nation states and escalating warnings from the Department of Homeland Security, critical infrastructure is becoming a central target for threat actors.