Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Recent attacks on an engineering company in the United Kingdom were attributed to a China-related cyber-espionage group despite the use of techniques usually associated with Russian threat actors. [Read More]
Windows zero-day fixed by Microsoft with its November 2018 Patch Tuesday updates (CVE-2018-8589) used by an APT group in attacks aimed at the Middle East [Read More]
Microsoft fixes over 60 vulnerabilities with November 2018 Patch Tuesday updates, including zero-days and publicly disclosed flaws [Read More]
At least seven different cybercrime groups referred to as "Magecart hackers" are placing digital credit card skimmers on compromised e-commerce sites, Flashpoint and RiskIQ reveal in a joint report. [Read More]
A previously undisclosed threat actor is targeting nuclear-armed government and military in Pakistan as part of a new, unusually complex espionage campaign, Cylance security researchers warn. [Read More]
Fifty-one states, including all EU members, have pledged their support for a new international agreement to set standards on cyberweapons and the use of the internet [Read More]
Cyberattacks are seen as the top risk to doing business in Europe, North America, and the East Asia and Pacific region, according to a new report from the World Economic Forum [Read More]
The French government announced a "Paris Call" for talks to lay out a common framework for cybersecurity. [Read More]
A critical vulnerability affecting a GDPR compliance plugin for WordPress has been exploited in the wild [Read More]
A malicious group known as the “Inception” attackers has been using a year-old Office exploit and a new backdoor in recent attacks, Palo Alto Networks security researchers warn. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Siggi Stefnisson's picture
We should be thinking about how users work, what they do and how it affects the security posture of the business, but does security really start with them?
Alastair Paterson's picture
As we continue to gear up for an increase in shopping this holiday season, remember that attackers continue to innovate and update their training and skills regularly.
Siggi Stefnisson's picture
If I have one wish for ‘Cybersecurity Awareness Month,’ it’s that we all need to be aware of the need for innovative responses on the part of the security industry, to counter a threat industry which is innovating both technical and business models at a rapid pace.
Devon Kerr's picture
If phishing attacks slip past the first line of defense, security teams need to be able to identify suspicious activity and stop it before hackers can learn enough about their enterprise to execute a full attack.
Lance Cottrell's picture
Studying the DNC Hacker case shows just how difficult it is to maintain a false identity in the face of a highly resourced and motivated opponent.
Siggi Stefnisson's picture
The truth is that quite a lot of malware is developed by an organization—an actual office of people that show up and spend their working day writing malware for a paycheck.
Lance Cottrell's picture
Actively investigating and infiltrating criminal groups online is not “hacking back,” but it may provoke that as a response.
Alastair Paterson's picture
Malicious actors have been experimenting with a blockchain domain name system (DNS) as a way of hiding their malicious activity and bullet-proofing their offerings.
Lance Cottrell's picture
Even while using Tor hidden services, there are still many ways you can be exposed and have your activities compromised if you don’t take the right precautions.
Erin O’Malley's picture
When ransomware strikes, there aren’t many options for response and recovery. Essentially, you can choose your own adventure and hope for the best.