Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Google will soon block login attempts from embedded browser frameworks such as the Chromium Embedded Framework (CEF) to prevent MitM phishing attacks. [Read More]
Djevair Ametovski, the Macedonian operator of a cybercrime marketplace named Codeshop, has been sentenced to 90 months in prison by US authorities. [Read More]
A financially motivated threat actor believed to speak Russian has used remote access Trojans (RATs) in attacks on financial entities in the United States and worldwide. [Read More]
Several critics of Kaspersky Lab have been targeted by a mysterious individual in an operation similar to that targeting Citizen Lab recently. [Read More]
Hackers scrambled to erase their digital footprints after FireEye linked the Triton/Trisis malware to a Russian government research institute. [Read More]
Most of the malicious activity by Brazilian hackers is within Brazil against Brazilians, but this does not mean that Brazil lacks hacking capabilities, nor that the rest of the world can ignore Brazilian hackers. [Read More]
Iran-linked cyber-espionage group OilRig is making broad use of DNS tunneling across its tools portfolio, Palo Alto Networks security researchers reveal. [Read More]
Starting in early 2019, Ukrainian government entities have been targeted by a spear-phishing campaign that appears to be a cyber espionage campaign emanating from the Luhansk People's Republic (LPR). [Read More]
The Scranos rootkit-enabled spyware operation has expanded reach outside of China to hit targets worldwide. [Read More]
One of Idaho’s largest insurance companies, Blue Cross of Idaho, said someone hacked its website and obtained access to the personal information of about 5,600 customers, including their names, claim payment information and codes indicating medical procedures they may have undergone. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Siggi Stefnisson's picture
If I have one wish for ‘Cybersecurity Awareness Month,’ it’s that we all need to be aware of the need for innovative responses on the part of the security industry, to counter a threat industry which is innovating both technical and business models at a rapid pace.
Devon Kerr's picture
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Lance Cottrell's picture
Studying the DNC Hacker case shows just how difficult it is to maintain a false identity in the face of a highly resourced and motivated opponent.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Lance Cottrell's picture
Actively investigating and infiltrating criminal groups online is not “hacking back,” but it may provoke that as a response.
Alastair Paterson's picture
Malicious actors have been experimenting with a blockchain domain name system (DNS) as a way of hiding their malicious activity and bullet-proofing their offerings.
Lance Cottrell's picture
Even while using Tor hidden services, there are still many ways you can be exposed and have your activities compromised if you don’t take the right precautions.
Erin O’Malley's picture
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.
Laurence Pitt's picture
While awareness is key and technology is a great assistant, there is one simple practice we can all adopt: think before you click or share.
Siggi Stefnisson's picture
History shows that, in security, the next big thing isn’t always an entirely new thing. We have precedents—macro malware existed for decades before it really became a “thing.”