Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Researchers have discovered that the Cerber ransomware now includes a new feature to avoid encrypting canary files and triggering anti-ransomware programs. [Read More]
Hackers possibly from China planted a backdoor in popular connectivity tools from NetSarang as part of a major supply chain attack [Read More]
The TrickBot banking Trojan has been using legitimate SSL certificates alongside websites that closely resemble those of actual banks in recently observed attacks, security researchers warn. [Read More]
A single Nigerian national working on his own has orchestrated numerous malware infection campaigns targeting more than 4,000 organizations globally over the past four months, Check Point security researchers say. [Read More]
The new "Disdain" exploit kit (EK) has emerged recently on underground forums, where a malware developer is advertising it starting at just $80. [Read More]
Cybercriminals combine Office exploits for CVE-2017-0199 and CVE-2012-0158 likely in an effort to avoid detection [Read More]
Security researchers have discovered a flaw in the Windows Object Linking and Embedding interface that allows hackers access using Microsoft PowerPoint to install malware. [Read More]
British researcher Marcus Hutchins pleads not guilty in US court to creating and selling the Kronos banking Trojan [Read More]
A lawyer for 23-year-old security researcher Marcus Hutchins accused of creating malware to attack the banking system called him a "hero" and predicted he would be "fully vindicated." [Read More]
Four people have been arrested in India for leaking an episode from HBO's "Game of Thrones" television series before it was aired in the country. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Alastair Paterson's picture
The emergence of decentralized marketplaces within the criminal ecosystem poses significant challenges for law enforcement agencies and private security vendors.
Jack Danahy's picture
Awareness is not enough. Companies also need to dedicate themselves to protecting users and eliminating the blind spots caused by unpatched systems and a lack of strong endpoint protection.
Alastair Paterson's picture
As the opportunity for payment card fraud grows, it’s safe to assume that more cybercriminals will take advantage of new, sophisticated online courses to get a piece of the pie.
Ting-Fang Yen's picture
The attackers may be looking for the path of least resistance, but there is no shortcut to securing your platform.
Oliver Rochford's picture
The lifting of certain sanctions may provide an alternative incentive to limit certain types of cyberwar activity.
Josh Lefkowitz's picture
While President Trump’s executive order has laid an impressive and hopeful foundation for a more secure nation, its focus on bolstering federal defenses against large-scale cyber attacks and nation-state cyber threats is still too narrow.
Alastair Paterson's picture
There’s a great deal of intelligence organizations can find on the deep and dark web, but it's important to remember that criminal activity isn’t limited to the dark web.
Josh Lefkowitz's picture
Most threat intel teams haven’t been conditioned to maintain a comprehensive understanding of how geopolitical factors can influence, emergent strains of malware, insider threats, or supply chain security vulnerabilities.
Alastair Paterson's picture
By using best practices to protect credentials, while at the same time monitoring for leaked credentials and changes in the tools attackers use, you can mitigate the risk of account takeovers to your organization.
Travis Greene's picture
To reduce exposure to malware, security teams need to learn the DevOps techniques that are being adopted across the rest of the IT organization.