Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

GitHub recently learned that tens of open source NetBeans projects were targeted by a piece of malware named Octopus Scanner as part of an apparent supply chain attack. [Read More]
Germany said Thursday it is seeking EU sanctions against a Russian man over his alleged role in the hacking of the German parliament at a time when evidence shows he was working for Russian intelligence. [Read More]
Minted, an online marketplace of crowdsourced art and graphic designs, this week confirmed that it was the victim of a data breach earlier this month. [Read More]
Cisco this week announced that it has patched two actively exploited Salt vulnerabilities, but not before malicious actors leveraged the flaws to hack some of the company’s servers. [Read More]
NTT Communications, a subsidiary of Japanese tech giant NTT Corp, has disclosed a data breach that impacted hundreds of customers. [Read More]
The U.S. National Security Agency says a Russian military hacking group has been exploiting a major email server program since last August or earlier. [Read More]
Threat actors have targeted industrial suppliers in Japan and several European countries in sophisticated attacks that employed various techniques to make malware detection and analysis more difficult. [Read More]
The US state of Arizona filed a lawsuit Wednesday accusing Google of committing fraud by being deceptive about gathering location data. [Read More]
Researchers say they have found the real identity of a Brazilian hacker who defaced thousands of websites as part of hacktivist operations and who was also involved in profit-driven cybercrime. [Read More]
Recent versions of the Valak malware have been used in attacks targeting Microsoft Exchange servers at organizations in the United States and Germany. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Jim Gordon's picture
At the end of the day, I encourage businesses and organizations of all sizes to leave the moral judgments regarding ransomware to the government.
Torsten George's picture
Given the likelihood of an uptick in ransomware attacks, let’s consider steps organizations can take to minimize the risk of being victimized.
Gunter Ollmann's picture
While global corporations have been targeted by Iran-linked threat actors, the escalating tensions in recent weeks will inevitably bring more repercussions as tools and tactics change with new strategic goals.
Josh Lefkowitz's picture
In order to make threat intelligence more accessible and effective for more fraud teams, it’s important for vendors and practitioners alike to recognize and debunk some misconceptions.
Josh Lefkowitz's picture
it’s crucial to remember that accessing and obtaining DDW data safely and effectively in support of an intelligence operation requires highly specific skills and infrastructure that, unfortunately, not all vendors possess.
Alastair Paterson's picture
Organizations may not be able to mitigate BEC scams entirely; however, tightening up processes will ensure data exposure is kept to a minimum.
Grady Summers's picture
The 2020 elections will be hotly contested, and the integrity of the election will need to be beyond repute to ensure citizens confidence in a free and fair election.
Josh Lefkowitz's picture
Online "card shops" can be invaluable resources for those seeking to better understand and combat fraud and cybercrime.
Justin Fier's picture
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
Josh Lefkowitz's picture
The abundance of compromised card data and other assets available online continues to hinder the fight against card-not-present (CNP) fraud.