Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Hackers are targeting misconfigured Docker Daemon API ports to install a malware named Kinsing, which in turn deploys a cryptocurrency miner in compromised container environments. [Read More]
There has been a surge in COVID-related cyberattacks and fraud schemes, even as some hackers have called for dialing back their criminal efforts. [Read More]
A class action lawsuit has been filed against Marriott over the recently disclosed data breach that impacted as many as 5.2 million customers. [Read More]
Vulnerabilities patched earlier this year in Firefox and Internet Explorer have been exploited by an APT in attacks aimed at China and Japan. [Read More]
The Justice Department inspector general has found additional failures in the FBI’s handling of a secretive surveillance program that came under scrutiny after the Russia investigation. [Read More]
A newly discovered piece of malware is taking advantage of the current COVID-19 pandemic to render computers unusable by overwriting the MBR. [Read More]
The Nigerian business email compromise (BEC) threat actors referred to as SilverTerrier have intensified assaults on multiple industries and should be considered an established threat. [Read More]
A recently uncovered attack campaign that stayed under the radar since May 2018 is targeting Microsoft SQL servers with backdoors and crypto-miners. [Read More]
Malicious, re-packaged versions of the Zoom video conferencing application are targeting work-from-home Android users with adware and Trojans. [Read More]
A malicious campaign is targeting organizations from a broad range of industries with a piece of malware known as Kwampirs, FBI warns. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Alastair Paterson's picture
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Torsten George's picture
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Laurence Pitt's picture
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Laurence Pitt's picture
Although robocalls are a pain for many of us, action is being taken to bring the problem under control.
Alastair Paterson's picture
The holidays are also a bonanza for cybercriminals whose own sales and purchases of contraband on the dark web mirror the one-day-only specials of their consumer-facing counterparts.
Alastair Paterson's picture
Domain name typo-squatting is an established tactic in the world of cybercrime.
John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Jim Gordon's picture
At the end of the day, I encourage businesses and organizations of all sizes to leave the moral judgments regarding ransomware to the government.
Torsten George's picture
Given the likelihood of an uptick in ransomware attacks, let’s consider steps organizations can take to minimize the risk of being victimized.
Gunter Ollmann's picture
While global corporations have been targeted by Iran-linked threat actors, the escalating tensions in recent weeks will inevitably bring more repercussions as tools and tactics change with new strategic goals.