Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Ubiquity says no databases containing user data appear to have been accessed as a result of the data breach. [Read More]
CrowdStrike shares an analysis of Sunspot, a piece of malware that was used by hackers to insert the Sunburst backdoor into SolarWinds’ Orion product in the recent supply chain attack. [Read More]
Bitdefender has released a free decryptor for DarkSide, a piece of ransomware that allegedly helped cybercriminals make millions from targeted companies. [Read More]
Researchers have found some similarities between the Sunburst malware used in the SolarWinds attack and Kazuar, a backdoor attributed to the Russia-linked cyber-espionage group Turla. [Read More]
New Zealand's central bank said Jan 10th that it was responding with urgency to a "malicious" breach of one of its data systems, a third-party file sharing service that stored "sensitive information". [Read More]
Multiple serious security vulnerabilities were addressed in GPU drivers and vGPU software. [Read More]
Equifax will acquire Kount for $640 Million to expand its worldwide footprint in digital identity and fraud prevention solutions. [Read More]
Ongoing coverage of the SolarWinds Orion attacks and useful resources, including analysis and indicators of compromise (IOC). Check back often for updates. [Read More]
The FBI has issued an alert for Egregor ransomware attacks on businesses. The ransomware operators claim over 150 victims worldwide. [Read More]
An investigation has been launched into the impact of the SolarWinds breach on U.S. federal courts, which reportedly were considered a target of interest by the hackers. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Justin Fier's picture
CISA has recently designated many cyber security positions ‘essential roles', and our understanding of essential businesses and essential employees will continue to change as the pandemic evolves.
Alastair Paterson's picture
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Torsten George's picture
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Laurence Pitt's picture
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Laurence Pitt's picture
Although robocalls are a pain for many of us, action is being taken to bring the problem under control.
Alastair Paterson's picture
The holidays are also a bonanza for cybercriminals whose own sales and purchases of contraband on the dark web mirror the one-day-only specials of their consumer-facing counterparts.
Alastair Paterson's picture
Domain name typo-squatting is an established tactic in the world of cybercrime.
John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
Jim Gordon's picture
At the end of the day, I encourage businesses and organizations of all sizes to leave the moral judgments regarding ransomware to the government.
Torsten George's picture
Given the likelihood of an uptick in ransomware attacks, let’s consider steps organizations can take to minimize the risk of being victimized.