Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Mozilla has released updates for Firefox to patch a critical zero-day vulnerability (CVE-2019-11707) exploited in targeted attacks. [Read More]
French prosecutors ordered infamous French-Israeli hacker Ulcan to stand trial over a telephone prank targeting the father of a French journalist who died soon after of a heart attack. [Read More]
A new variant of the well-known Houdini Worm has been spotted in phishing attacks. [Read More]
The head of London's Serpentine Galleries, Yana Peel, resigned following a newspaper report about her links to controversial Israeli spyware firm NSO Group. [Read More]
A recently discovered backdoor can spread itself over a local network, in addition to allowing attackers to install additional malware onto compromised machines. [Read More]
The Kremlin on Tuesday said Moscow had been the victim of US cyberattacks "for years" following a New York Times report that Washington is stepping up digital incursions into Russia's power grid. [Read More]
A threat actor that appears to be based in Iran is targeting a vulnerability in a popular DNA sequencing LIMS software, a security researcher had discovered. [Read More]
A free decryption tool is now available for the victims of the latest variants of the GandCrab ransomware. [Read More]
Researchers have detected an Android trojan that abuses the web push technology. In its benign use, web push is used by legitimate websites -- such as news sites -- to send out new event notifications. [Read More]
The New York Times reports that the US has planted potentially destructive malware in Russia’s power grid, but President Trump says the story is not true and calls it a “virtual act of treason.” [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Preston Hogue's picture
There have been so many high-profile breaches that a person’s entire life could be laid out, triangulated and, ultimately, faked by someone with the wrong set of intentions.
Siggi Stefnisson's picture
“Evasive phishing" is not a term much heard, but we all will—and need to—start talking a lot more about it than we have in the past.
Alastair Paterson's picture
BEC is becoming increasingly profitable for threat actors as organizations are making it easy for adversaries to gain access to the valuable information that sits within these inboxes.
Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Alastair Paterson's picture
As we continue to gear up for an increase in shopping this holiday season, remember that attackers continue to innovate and update their training and skills regularly.
Siggi Stefnisson's picture
If I have one wish for ‘Cybersecurity Awareness Month,’ it’s that we all need to be aware of the need for innovative responses on the part of the security industry, to counter a threat industry which is innovating both technical and business models at a rapid pace.
Devon Kerr's picture
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Lance Cottrell's picture
Studying the DNC Hacker case shows just how difficult it is to maintain a false identity in the face of a highly resourced and motivated opponent.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Lance Cottrell's picture
Actively investigating and infiltrating criminal groups online is not “hacking back,” but it may provoke that as a response.