Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Amtrak is informing some customers that their personal information may have been compromised after someone accessed their Guest Reward account. [Read More]
DoJ announced this week that a New York City man was charged for his participation in a cybercrime scheme to steal and traffic payment card data. [Read More]
The NSA has published information on the targeting of Exim mail servers by the Russia-linked threat actor known as Sandworm Team. [Read More]
GitHub recently learned that tens of open source NetBeans projects were targeted by a piece of malware named Octopus Scanner as part of an apparent supply chain attack. [Read More]
Germany said Thursday it is seeking EU sanctions against a Russian man over his alleged role in the hacking of the German parliament at a time when evidence shows he was working for Russian intelligence. [Read More]
Minted, an online marketplace of crowdsourced art and graphic designs, this week confirmed that it was the victim of a data breach earlier this month. [Read More]
Cisco this week announced that it has patched two actively exploited Salt vulnerabilities, but not before malicious actors leveraged the flaws to hack some of the company’s servers. [Read More]
NTT Communications, a subsidiary of Japanese tech giant NTT Corp, has disclosed a data breach that impacted hundreds of customers. [Read More]
The U.S. National Security Agency says a Russian military hacking group has been exploiting a major email server program since last August or earlier. [Read More]
Threat actors have targeted industrial suppliers in Japan and several European countries in sophisticated attacks that employed various techniques to make malware detection and analysis more difficult. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Idan Aharoni's picture
Many organizations are steadfast in their belief that dark web monitoring is a critical part of their security operations and the security industry is happy to fuel that belief.
Alastair Paterson's picture
Researchers have undertaken a deep dive into the shadowy, cyber world of those whose work involves abusing others online through trickery, extortion, fraud, and theft resulting from COVID-19.
Justin Fier's picture
CISA has recently designated many cyber security positions ‘essential roles', and our understanding of essential businesses and essential employees will continue to change as the pandemic evolves.
Alastair Paterson's picture
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Torsten George's picture
Most of today’s cyber-attacks are front ended by phishing campaigns. So, what can organizations do to prevent their users from falling for the bait of these attacks?
Laurence Pitt's picture
Many of us are familiar with the two most common types of socially engineered attacks – phishing and spear-phishing – but there are many more to be aware of.
Laurence Pitt's picture
Although robocalls are a pain for many of us, action is being taken to bring the problem under control.
Alastair Paterson's picture
The holidays are also a bonanza for cybercriminals whose own sales and purchases of contraband on the dark web mirror the one-day-only specials of their consumer-facing counterparts.
Alastair Paterson's picture
Domain name typo-squatting is an established tactic in the world of cybercrime.
John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.