Cybercrime
Cybercrime | News, how-tos, features, reviews, and videos
![A fishing lure with multiple hooks baits a binary stream. [fraud / phishing / social engineering]](https://images.idgesg.net/images/article/2020/09/fishing_bait_lure_hooks_by_curaga_gettyimages-91736452_binary_streams_by_cofotoisme_gettyimages-1199213090_phishing_social_engineering_bait_and_switch_fraud_2400x1600-100860144-medium.3x2.jpg)
![Tech Spotlight > Analytics [CSO] > An image of a bottle of poison emanating binary code.](https://images.idgesg.net/images/article/2021/04/spot_analytics_04_cso_bottle_of_poison_by_arek_socha_aka_qimono_cc0-like_via_pixabay_binary_spiral_by_gordon_johnson_aka_gdj_cc0-like_via_pixabay_3x2_2400x1600-100884336-small.3x2.jpg)
How data poisoning attacks corrupt machine learning models
Data poisoning is a type of attack that involves tampering with and polluting a machine learning model's training data, impacting the model's ability to produce accurate predictions.
Zero days explained: How unknown vulnerabilities become gateways for attackers
A zero day is a security flaw that has not yet been patched by the vendor and can be exploited. The name evokes a scenario where an attacker has gotten the jump on a software vendor, implementing attacks that exploit the flaw before...
Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past
President Biden is expected to issue an executive order soon in response to the SolarWinds and Exchange Server attacks. Leaked details suggest it might not focus on the most effective actions.
Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor
The Golden Chickens cybercriminal gang is believed to sell its more_eggs backdoor for spear phishing campaigns executed using information gleaned from victims' LinkedIn profiles.
![Digital Transformation [DX] > dandelion seeds blown by a virtual wind of change](https://images.idgesg.net/images/article/2020/01/cio_dandelion_seeds_blown_by_virtual_wind_of_change_digital_transformation_flower_by_dawid_zawila_cc0_via_unsplash_abstract_digital_wave_stream_by_pete_linforth_aka_thedigitalartist_cc0_via_pixabay_1200x800-100826623-small.3x2.jpg)
The SolarWinds hack timeline: Who knew what, and when?
Impact, detection, response, and ongoing fallout from the attack on SolarWinds' Orion remote IT management software.
What are phishing kits? Web components of phishing attacks explained
A phishing kit is the back-end to a phishing attack. It's the final step in most cases, where the criminal has replicated a known brand or organization.
Booming dark web gig economy is a rising threat
Experts seen a sharp increase in help-wanted ads for black hat hackers-for-hire. Here's what they are targeting and how to respond to the threat.
Sponsor Podcast in partnership with Microsoft
Episode 4: Reduce SOC burnout
Episode 4 - Listen to the podcast to learn more about the expanding threat landscape and how security leaders can reduce SOC burnout and enable security teams to be proactive and preventive threat hunters with a modern threat...
![A gavel rests on open law book. [law / regulation / compliance / legal liability]](https://images.idgesg.net/images/article/2020/09/gavel_mallett_rests_on_open_law_book_legal_liability_risk_regulations_compliance_by_andreypopov_gettyimages-1021544574_2400x1600-100860121-small.3x2.jpg)
States enact safe harbor laws against cyberattacks, but demand adoption of cybersecurity frameworks
Connecticut might soon follow Ohio and Utah by enacting a law that offers liability protection against ransomware and other cyberattacks, but only if victims follow security best practices.
US government calls for better information sharing in wake of SolarWinds, Exchange attacks
The Biden administration seeks ways to better gather and share security intelligence from the private sector, but experts see barriers to success.
Ryuk ransomware explained: A targeted, devastatingly effective attack
Ryuk ransomware attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.
How and why deepfake videos work — and what is at risk
Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.
The SolarWinds Senate hearing: 5 key takeaways for security admins
Testimony by key security executives in the US Senate reveal how unprepared most organizations are for supply chain attacks. Here are the lessons security admins should learn from it.
5 questions CISOs should be able to answer about software supply chain attacks
The SolarWinds attack put a spotlight on the threats that compromised third-party software present organizations. Here are the top questions executive management, boards and partners are asking CISOs about their preparedness.
What is cryptojacking? How to prevent, detect, and recover from it
Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.
Why the Microsoft Exchange Server attack isn’t going away soon
For some victims, patching and proper forensics will be difficult, plus new threat actors are now exploiting the same Exchange Server vulnerabilities.
5 reasons why the cost of ransomware attacks is rising
The ransom is still a tiny portion of the total cost of a ransomware attack, but associated costs are increasing.
How to patch Exchange Server for the Hafnium zero-day attack
Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.
-
Solution Brief
Sponsored -
White Paper
-
Solution Brief
Sponsored -
White Paper
-
White Paper
