Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Google has observed a new code signing trick being used by a financially motivated threat actor to help its Windows files evade detection. [Read More]
The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.” [Read More]
This is the 16th documented in-the-wild zero-day exploitation of security defects in Apple’s iOS and macOS platforms so far this year. [Read More]
Cowbell Cyber aims to fill a gap in the cyber-insurance ecosystem with products that continuously monitor customers systems to find weaknesses that can be fixed so that insurance can be offered with greater confidence. [Read More]
The company will use the investment to expand marketing and sales initiatives and accelerate product roadmap. [Read More]
An Indian media conglomerate, a police department and the agency responsible for the country’s national identification database have been hacked, likely by a state-sponsored Chinese group. [Read More]
The internet is already being scanned for VMware vCenter servers affected by CVE-2021-22005, a critical vulnerability patched just days ago. [Read More]
Adversaries used malicious documents targeting the MSHTML vulnerability tracked as CVE-2021-40444 to compromise Russian state rocket center and interior ministry. [Read More]
Facebook said Wednesday that Apple's iPhone privacy changes, which allow users to block tracking, significantly affected its advertising revenues because less data could be collected. [Read More]
CISA has issued an alert on the Conti ransomware, just as a second major U.S. farming cooperative confirmed being hit by ransomware. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Idan Aharoni's picture
Despite having different infrastructure, goals and methods, threat actors do not work in a vacuum. They feed off of each other.
Derek Manky's picture
How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
Joshua Goldfarb's picture
The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Idan Aharoni's picture
Plausible deniability provides a massive operational leeway to military operations in cyberspace, enabling governments to take actions without risking an all-out war.
Keith Ibarguen's picture
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Idan Aharoni's picture
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Derek Manky's picture
We tend to focus on the attack surface when it comes to cybersecurity, but the reality is, much like an iceberg, there’s so much more lurking beneath the surface.
Gordon Lawson's picture
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Idan Aharoni's picture
Fraudsters will determine who to target within the industry based on each service’s fraud prevention policies and maturity, rather than generally targeting the industry.
Idan Aharoni's picture
Taking down dark web sites may cause headache for both the bad guys and the good guys, but it can also have a profound positive effect on the fight against cybercrime.