Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

On Wednesday, Sept. 15, 2021, a divided federal appeals court upheld the dismissal of an ACLU lawsuit challenging a portion of the National Security Agency's warrantless surveillance of Americans' international email and phone communications. [Read More]
Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]
Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects. [Read More]
As part of its first transparency report, the cybersecurity firm says it rejected all requests for user data received last year. [Read More]
Hackers stole the personal data of around 1.4 million people who took Covid-19 tests in the Paris region in the middle of 2020, hospital officials in the French capital disclosed on Wednesday. [Read More]
Microsoft has linked the recently patched MSHTML vulnerability (CVE-2021-40444) exploited via malicious Office documents to known ransomware operators. [Read More]
Three former U.S. intelligence and military officials have admitted providing sophisticated computer hacking technology to the United Arab Emirates and agreed to pay nearly $1.7 million to resolve criminal charges. [Read More]
Linux and Windows variants of the payload carry remote access capabilities such as file manipulation and shell command execution. [Read More]
NSA Director Gen. Paul Nakasone says he’s mounting a new “surge” to fight incursions that have at times debilitated government agencies and companies responsible for critical infrastructure. [Read More]
The patch comes exactly one week after the Redmond, Wash. software giant acknowledged the CVE-2021-40444 security defect and confirmed the existence of in-the-wild exploitation via booby-trapped Microsoft Office documents. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Idan Aharoni's picture
Despite having different infrastructure, goals and methods, threat actors do not work in a vacuum. They feed off of each other.
Derek Manky's picture
How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
Joshua Goldfarb's picture
The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Idan Aharoni's picture
Plausible deniability provides a massive operational leeway to military operations in cyberspace, enabling governments to take actions without risking an all-out war.
Keith Ibarguen's picture
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Idan Aharoni's picture
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Derek Manky's picture
We tend to focus on the attack surface when it comes to cybersecurity, but the reality is, much like an iceberg, there’s so much more lurking beneath the surface.
Gordon Lawson's picture
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Idan Aharoni's picture
Fraudsters will determine who to target within the industry based on each service’s fraud prevention policies and maturity, rather than generally targeting the industry.
Idan Aharoni's picture
Taking down dark web sites may cause headache for both the bad guys and the good guys, but it can also have a profound positive effect on the fight against cybercrime.