Cybercrime

Cybercrime | News, how-tos, features, reviews, and videos

Security system alert: 'DANGER'
A fishing lure with multiple hooks baits a binary stream. [fraud / phishing / social engineering]

Tech Spotlight   >   Analytics [CSO]   >   An image of a bottle of poison emanating binary code.

How data poisoning attacks corrupt machine learning models

Data poisoning is a type of attack that involves tampering with and polluting a machine learning model's training data, impacting the model's ability to produce accurate predictions.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

Zero days explained: How unknown vulnerabilities become gateways for attackers

A zero day is a security flaw that has not yet been patched by the vendor and can be exploited. The name evokes a scenario where an attacker has gotten the jump on a software vendor, implementing attacks that exploit the flaw before...

Unitd States cybersecurity   >   U.S. flag with a digital network of locks instead of stars

Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past

President Biden is expected to issue an executive order soon in response to the SolarWinds and Exchange Server attacks. Leaked details suggest it might not focus on the most effective actions.

hacker linkedin scam romance scam on social media phishing heart

Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor

The Golden Chickens cybercriminal gang is believed to sell its more_eggs backdoor for spear phishing campaigns executed using information gleaned from victims' LinkedIn profiles.

Digital Transformation [DX]  >  dandelion seeds blown by a virtual wind of change

The SolarWinds hack timeline: Who knew what, and when?

Impact, detection, response, and ongoing fallout from the attack on SolarWinds' Orion remote IT management software.

phishing threat

What are phishing kits? Web components of phishing attacks explained

A phishing kit is the back-end to a phishing attack. It's the final step in most cases, where the criminal has replicated a known brand or organization.

cso security hacker breach gettyimages 1134588944 by jossnatu 2400x1600px

Booming dark web gig economy is a rising threat

Experts seen a sharp increase in help-wanted ads for black hat hackers-for-hire. Here's what they are targeting and how to respond to the threat.

podcast 3x16 2
Sponsor Podcast Microsoft

Episode 4: Reduce SOC burnout

Episode 4 - Listen to the podcast to learn more about the expanding threat landscape and how security leaders can reduce SOC burnout and enable security teams to be proactive and preventive threat hunters with a modern threat...

A gavel rests on open law book. [law / regulation / compliance / legal liability]

States enact safe harbor laws against cyberattacks, but demand adoption of cybersecurity frameworks

Connecticut might soon follow Ohio and Utah by enacting a law that offers liability protection against ransomware and other cyberattacks, but only if victims follow security best practices.

succession brain sharing intellectual knowledge sharing

US government calls for better information sharing in wake of SolarWinds, Exchange attacks

The Biden administration seeks ways to better gather and share security intelligence from the private sector, but experts see barriers to success.

ransomware attack

Ryuk ransomware explained: A targeted, devastatingly effective attack

Ryuk ransomware attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.

deepfakes fake news tv head manipulation superimposed brainwashed

How and why deepfake videos work — and what is at risk

Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.

Security system alert, warning of a cyberattack.

The SolarWinds Senate hearing: 5 key takeaways for security admins

Testimony by key security executives in the US Senate reveal how unprepared most organizations are for supply chain attacks. Here are the lessons security admins should learn from it.

backdoor / abstract security circuits, locks and data blocks

5 questions CISOs should be able to answer about software supply chain attacks

The SolarWinds attack put a spotlight on the threats that compromised third-party software present organizations. Here are the top questions executive management, boards and partners are asking CISOs about their preparedness.

hacker / cryptocurrency attack

What is cryptojacking? How to prevent, detect, and recover from it

Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.

binary cyberattack cybersecurity hacked protected

Why the Microsoft Exchange Server attack isn’t going away soon

For some victims, patching and proper forensics will be difficult, plus new threat actors are now exploiting the same Exchange Server vulnerabilities.

ransomware

5 reasons why the cost of ransomware attacks is rising

The ransom is still a tiny portion of the total cost of a ransomware attack, but associated costs are increasing.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to patch Exchange Server for the Hafnium zero-day attack

Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.

Load More