Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

The new 'Aviary' dashboard will help visualize and analyze output from Sparrow, a CISA-developed tool for detecting potentially malicious activity in Microsoft Azure and Microsoft 365 environments. [Read More]
Threat actors are abusing organizations’ reliance on communication services such as Discord and Slack to circumvent network protections and ensure effectiveness of attacks. [Read More]
Cisco patches a critical vulnerability in an SD-WAN software product but warned that a different high-risk bug in end-of-life small business routers will remain unpatched. [Read More]
NEWS ANALYSIS: Google’s decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match for the speed of in-the-wild exploit development. [Read More]
Belden shared an update on the data breach disclosed in November 2020 and said health-related information was also exposed. [Read More]
Cring ransomware operators exploit an old vulnerability in the FortiOS SSL VPN web portal to access enterprise networks, including the ones of industrial organisations. [Read More]
PHP developers have shared an update on the recent breach and while they no longer believe the Git server was compromised, it’s possible that a user database was leaked. [Read More]
Proofpoint warns that attackers are leveraging compromised supplier accounts and supplier impersonation to send malware, steal credentials and perpetrate invoicing fraud. [Read More]
Researchers have discovered FlixOnline, new Android malware that uses Netflix as its lure and spreads malware via auto-replies to WhatsApp messages. [Read More]
Facebook cracks down on deceptive networks, including five that mainly targeted individuals outside their countries and nine focused on domestic audiences. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Idan Aharoni's picture
With law enforcement’s ability to adapt, showing consistent results despite cybercriminals’ adoption of new technologies, as well as the increase in awareness of cyber attacks, there’s still a room for optimism – not only for the next year, but also for the next decade.
Joshua Goldfarb's picture
Facts, data, and evidence are extremely important to properly detecting, preventing, and investigating both security incidents and fraud incidents.
Joshua Goldfarb's picture
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Idan Aharoni's picture
Speak with security professionals who are involved in monitoring the Dark Web and you will probably end up getting varied responses as to what it is and what it is comprised of.
Torsten George's picture
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
Torsten George's picture
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
Idan Aharoni's picture
Many organizations are steadfast in their belief that dark web monitoring is a critical part of their security operations and the security industry is happy to fuel that belief.
Alastair Paterson's picture
Researchers have undertaken a deep dive into the shadowy, cyber world of those whose work involves abusing others online through trickery, extortion, fraud, and theft resulting from COVID-19.
Justin Fier's picture
CISA has recently designated many cyber security positions ‘essential roles', and our understanding of essential businesses and essential employees will continue to change as the pandemic evolves.
Alastair Paterson's picture
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.