Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

LastPass and its affiliate GoTo have disclosed a new data breach involving a ​​third-party cloud storage service. [Read More]
Salvadoran digital newspaper El Faro's employees filed a lawsuit in a US federal court on Wednesday against NSO Group, alleging the Israeli firm's controversial Pegasus software was used to spy on them. [Read More]
South Pacific Ocean nation Vanuatu is slowly getting its communications back online following a cyberattack that knocked out emergency services, emails and phone lines for weeks. [Read More]
The hackers leaking stolen Australian records from Medibank to the dark web appeared to end their extortion attempt by dumping a final batch of data online and declaring:"Case closed." [Read More]
According to data from Tenable, more than 70 percent of global organizations remain vulnerable to the Log4Shell flaw as of October this year. [Read More]
Sphere Technology Solutions, a New Jersey startup building technology to help defenders clean up excessive and unnecessary access, raises a $31 million Series B round. [Read More]
Google has linked three exploitation frameworks, as well as several vulnerabilities that were likely zero-days at one point, to Spanish commercial spyware vendor Variston. [Read More]
A China-linked cyberespionage group has been observed using self-replicating malware on USB drives to infect targets. [Read More]
The Black Basta ransomware gang has taken credit for the attack on Canadian meat giant Maple Leaf Foods. [Read More]
Initial access brokers are selling access to enterprise environments that have been compromised via a recently patched critical Fortinet vulnerability. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Derek Manky's picture
While the number of detections has been lower so far than other types of cyberattacks, the very nature of wipers and how they’re used makes them very dangerous.
Joshua Goldfarb's picture
If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.
Derek Manky's picture
Linux systems are a popular delivery mechanism for malware. While they’re not the most popular – that distinction goes to HTML and Javascript – don’t think you can ignore them.
Landon Winkelvoss's picture
Organizations need to be able to go outside the firewall to gather as much threat actor information as possible to build robust internal defenses against fraud.
Laurence Pitt's picture
Between the excitement and the comfort of working from home, it can be easy to overlook the risks associated with summer travel, but it’s important to remain careful and vigilant.
Derek Manky's picture
We hear a lot about drug mules, but what are cyber mules? It’s similar to how drug dealers rely on unsuspecting or otherwise vulnerable people to help them transport drugs or launder the proceeds of those sales.
Joshua Goldfarb's picture
By understanding how to identify, isolate, and remove unwanted bot and fraud traffic, enterprises can remove the noise clouding the visibility they have into their online applications.
Joshua Goldfarb's picture
A healthy dose of curiosity and humility can help enterprises ask the right questions, perform the right analysis, and focus on the right topics around improving their fraud programs.
Derek Manky's picture
Organizations can strengthen their security posture by getting detailed information on current attack techniques and keeping their employees’ cyber hygiene training up to date.
Joshua Goldfarb's picture
We can learn a valuable lesson about better fraud decision-making from restaurant choosing scenarios.