Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Cybereason researchers who analyzed the data collected in a honeypot that masqueraded as a financial services company. What they found was interesting and unexpected. [Read More]
Vast majority of the exhibitors at the RSA Conference have not implemented DMARC on their primary domains, opening the door to fraudulent and fake emails [Read More]
Malicious actors exploiting the Drupal vulnerability tracked as CVE-2018-7600 and dubbed Drupalgeddon2 to deliver backdoors, cryptocurrency miners and other malware [Read More]
CrowdStrike unveils new Falcon Endpoint Protection Complete solution and a threat analysis subscription module for the Falcon platform [Read More]
Trend Micro unveils Writing Style DNA, an AI-powered capability that uses writing style analysis to detect business email compromise (BEC) attacks [Read More]
A technical alert issued by the US and UK details how Russian state-sponsored hackers target government and private-sector organizations by abusing various networking protocols [Read More]
Russian government-sponsored hackers are compromising the key hardware of government and business computer networks like routers and firewalls, giving them virtual control of data flows, Britain and the United States warned. [Read More]
Proofpoint says it has managed to sinkhole the EITest infection chain, which redirected users to exploit kits (EKs), social engineering schemes, and other malicious or fraudulent operations. [Read More]
Attempts to exploit the recently patched Drupal vulnerability dubbed Drupalgeddon2 spotted shortly after PoC exploit is published [Read More]
Russian intelligence was spying on former double agent Sergei Skripal and his daughter Yulia for at least five years before they were poisoned in a nerve agent attack, Britain's National Security Adviser Mark Sedwill said in a letter to NATO. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Siggi Stefnisson's picture
Historical patterns and recent activity indicate that another major Necurs malware outbreak is looming just around the corner.
Markus Jakobsson's picture
Men and women may jokingly refer to their significant other as their “partner in crime,” but when it comes to romance scams, this joke may become a sad reality.
Josh Lefkowitz's picture
Even organizations with the most robust defense solutions and advanced automated technologies cannot effectively combat threats such as BEC without the adequate support and nuanced expertise of humans.
Siggi Stefnisson's picture
It remains to be seen whether more legitimate web operations will embrace the approach, but you can count on illegitimate and malicious use of cryptomining to grow robustly.
Oliver Rochford's picture
Cryptocurrencies have revolutionized the economics of cybercrime, with a noticeable impact on threat actors’ Tactics, Techniques and Procedures (TTP’s).
Siggi Stefnisson's picture
Even though I've been analyzing malware for the past 20 years, I do understand that internet security is not merely a technical problem, but also a business problem.
David Holmes's picture
Take a step back and realize that cryptocurrency mining is really just another form of malware, which is something you should be good at finding already.
Markus Jakobsson's picture
DMARC is an email authentication standard designed to eliminate phishing and other types of attack that use spoofing to misrepresent an email sender identity.
Alastair Paterson's picture
With better security practices both on an individual and organizational level, you can mitigate the risk of cryptocurrency fraud while remaining an active user.
Alastair Paterson's picture
The most technically sophisticated use detailed social engineering techniques, zero-day exploits and weaknesses in the supply chain.