Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

The source code of a backdoor associated with the prolific FIN7 threat actor has emerged on VirusTotal alongside builders and other tools from the group, FireEye security researchers reveal. [Read More]
OceanLotus, a Vietnam-linked cyber-espionage group, has been using atypical executable formats in an attempt to avoid detection and hinder analysis, according security firm Malwarebytes. [Read More]
What appears to be the source code of hacking tools used by an Iranian cyber-espionage group (APT34) has been posted online along with information apparently stolen from victims. [Read More]
Cybersecurity researcher Marcus Hutchins, known for his actions that helped stop the WannaCry ransomware attack, admitted in a U.S. court to aiding in the development and distribution of a banking Trojan. [Read More]
Google will soon block login attempts from embedded browser frameworks such as the Chromium Embedded Framework (CEF) to prevent MitM phishing attacks. [Read More]
Djevair Ametovski, the Macedonian operator of a cybercrime marketplace named Codeshop, has been sentenced to 90 months in prison by US authorities. [Read More]
A financially motivated threat actor believed to speak Russian has used remote access Trojans (RATs) in attacks on financial entities in the United States and worldwide. [Read More]
Several critics of Kaspersky Lab have been targeted by a mysterious individual in an operation similar to that targeting Citizen Lab recently. [Read More]
Hackers scrambled to erase their digital footprints after FireEye linked the Triton/Trisis malware to a Russian government research institute. [Read More]
Most of the malicious activity by Brazilian hackers is within Brazil against Brazilians, but this does not mean that Brazil lacks hacking capabilities, nor that the rest of the world can ignore Brazilian hackers. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Josh Lefkowitz's picture
The abundance of compromised card data and other assets available online continues to hinder the fight against card-not-present (CNP) fraud.
Alastair Paterson's picture
Cybercriminals rely on tried and trusted methods for phishing; as long as there is even a four percent chance that phishing techniques will be successful, they will continue to use them.
Stan Engelbrecht's picture
The current state of automated teller machine (ATM) security is far from optimal, but the unique security challenges around ATMs make improvements difficult.
Justin Fier's picture
Against the ongoing backdrop of cyber conflict between nation states and escalating warnings from the Department of Homeland Security, critical infrastructure is becoming a central target for threat actors.
Preston Hogue's picture
There have been so many high-profile breaches that a person’s entire life could be laid out, triangulated and, ultimately, faked by someone with the wrong set of intentions.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Alastair Paterson's picture
As we continue to gear up for an increase in shopping this holiday season, remember that attackers continue to innovate and update their training and skills regularly.