Cybercrime

REvil ransomware explained: A widespread extortion operation

The REvil group, a.k.a. Sodinokibi, re-victimizes its targets by threatening to release stolen data even after the initial ransom demand is paid.

Twitch breach highlights dangers of choosing ease of access over security

Attackers essentially broke into the Twitch house and cleaned out everything. Following least-privilege access principles and encrypted datasets will help others avoid that scenario.

October is high season for cyberattacks, Infosec Institute study shows

A study by Infosec Institute indicates that there has been an exponential increase in cyberattacks globally in the last five years, and a major part of it happened in the month of October each year as attackers apparently exploit...

TSA to issue cybersecurity requirements for US rail, aviation sectors

New rules include reporting incidents to CISA and naming cybersecurity leads, but experts and industry representatives cite lack of input.

Top cybersecurity statistics, trends, and facts

Survey data from the past year paints a picture of what your threat landscape will potentially look like in the coming months.

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

The MalKamak group has been running its Operation GhostShell campaign for at least three years unnoticed.

FCC asks carriers to step up to stop SIM swapping, port-out fraud

The US federal agency puts pressure on telecom carriers to put better authentication, account protection safeguards in place.

How corporate data and secrets leak from GitHub repositories

Attackers constantly search public code repositories like GitHub for secrets developers might inadvertently leave behind, and any tiny mistake can be exploited.

Why today’s cybersecurity threats are more dangerous

Greater complexity and interdependence among systems give attackers more opportunity for widespread, global damage, say government and industry experts.

4 steps to protect the C-suite from business email compromise attacks

Preventing top executives from becoming BEC victims requires a different approach. Putting the risk in business terms is key.

APT29 targets Active Directory Federation Services with stealthy backdoor

The FoggyWeb post-exploitation backdoor is persistent and steals configuration databases and security token certificates.

Cybercriminals bypass 2FA and OTP with robocalling and Telegram bots

The automated bots are highly successful because they effectively emulate legitimate service providers.

MITRE ATT&CK, VERIS frameworks integrate for better incident insights

The MITRE ATT&CK/VERIS collaboration aims to create a common dictionary for communicating information about security incidents.

Breach reporting required for health apps and devices, FTC says

A new policy statement makes it clear that the US Federal Trade Commission will hold healthcare app and device makers accountable for reporting data breaches.

Yes, the FBI held back REvil ransomware keys

The ransomware keys might have been acquired by an ally, which would invoke the third-party doctrine where the decision to release was not the FBI's alone.

US cryptocurrency exchange sanctions over ransomware likely not the last

The sanctions aim to cut ransomware gangs off from their revenue. The advisory on sanctions risks regarding ransomware payments was also updated.

The Kaseya ransomware attack: A timeline

REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.

Biden sanctions Suex cryptocurrency exchange to stifle ransomware payments

In the wake of significant ransomware attacks, President Biden has sanctioned cryptocurrency exchange Suex in a clear attempt to prevent ransomware payments.
