Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Russian cybercriminal Valeryevich Seleznev was sentenced in the United States to 27 years in prison for hacking into point-of-sale (PoS) computers to steal credit card numbers. [Read More]
One of the tools allegedly used by the NSA-linked threat actor “Equation Group” and made public roughly a week ago has been already observed in live attacks. [Read More]
The Necurs botnet has switched back to delivering the Locky ransomware which is being distributed in high volumes. [Read More]
Denmark denounced Moscow's "aggressive" behavior after a report accused Russian hackers of infiltrating the defense ministry's email accounts. [Read More]
A recently discovered remote access Trojan (RAT) that abuses Excel macros in an innovative way has been active for more than two years, Palo Alto Networks security researchers reveal. [Read More]
The number of attacks involving exploits increased by 25% last year, but the number of attacked users dropped by 20%, says Kaspersky [Read More]
Mastercard announces launch of new biometric card that combines chip technology with fingerprints [Read More]
The arrest of WikiLeaks founder Julian Assange is a US "priority," Attorney General Jeff Sessions said, as media reports indicated his office was preparing charges against the fugitive anti-hero. [Read More]
The RawPOS Point-of-Sale (PoS) RAM scraper malware was recently observed stealing driver’s license information from victims, Trend Micro has discovered. [Read More]
ICS-CERT has issued an alert on BrickerBot, a piece of malware designed to permanently disable Internet of Things (IoT) devices. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Alastair Paterson's picture
Bad actors will do whatever they can to take advantage of this potentially lucrative tax season – so beware the Ides of April.
Scott Simkin's picture
When implemented as part of a natively-engineered security platform, these malware identification and prevention practices can reduce the operational burden put on security teams.
Alastair Paterson's picture
A recent look at insider trading on the dark web shows how underground operators use OPSEC to protect their businesses.
Jack Danahy's picture
Identifying malicious software by recognizing that it just damaged the system or exfiltrated some amount of information is no longer defense, but detection.
Lance Cottrell's picture
In addition to basic credit monitoring, breached companies need to get ahead of the attacks and start providing security solutions that actually protect the victims before they are victimized again.
Adam Meyer's picture
While malicious actors demanding ransoms is not new, the surge of organizations being targeted with fake extortion demands and empty threats is. Let’s look at how extortion campaigns are carried out through the “avenue of approach” lens.
Alastair Paterson's picture
It’s natural to think that their adversaries are all financially motivated, but many are not. In 2016 we saw drivers like hacktivism, ideological differences and intelligence gathering also motivating attacks.
Jack Danahy's picture
Protection against the effects of ransomware starts with a clear understanding of all of the means that attackers will use to implant that first malicious package.
Scott Simkin's picture
Attackers have developed anti-VM analysis techniques to allow the malware to recognize when it is being run on a virtual machine and fail to execute, meaning the system or threat analytics cannot make a verdict determination or extract intelligence from the sample.
Josh Lefkowitz's picture
It’s critical to recognize that there will always be virtual ways in which terrorists and other criminals can create threats that no border process or physical security program can stop.