Cybercrime

Cybercrime | News, how-tos, features, reviews, and videos

trojan horse malware virus binary by v graphix getty

17 types of Trojans and how to defend against them

Trojan malware comes in many different types, but all require a user action to initiate.

lock circuit board bullet hole computer security breach

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

Binary Russian flag

SolarWinds hack is a wakeup call for taking cybersecurity action

Many questions are yet to be answered as the investigation and response continues, but one thing is clear: managing supply chain risks requires a level of sophistication similar to that of the attackers.

cyber attack alert

How to prepare for and respond to a SolarWinds-type attack

If you can perform these tasks on your Windows network, then you are properly prepared to respond to a nation-state attack like SolarWinds.

cso security malware breach hack alert gettyimages 1144604134 by solarseven 2400x1600px

How to block malicious JavaScript files in Windows environments

Attackers frequently send malicious JavaScript files through bogus emails. It's easy to block these files from reaching a hapless user. Here's how.

malvertising malware hacked ads advertising online

What is malvertising? And how to protect against it

Malvertising, the practice of sprinkling malicious code to legitimate-looking ads, affects both small and large websites. Protecting against it is harder than it seems.

Compliance

12 new state privacy and security laws explained: Is your business ready?

States from Maine to California have recently enacted privacy, data security, cybersecurity, and data breach notification laws. Let's break down what each of these laws entails and how businesses and consumers are affected.

Email takeover  >  Puppeteer hands manipulating strings

How to avoid subdomain takeover in Azure environments

Active but unused subdomains in Microsoft Azure give attackers the opportunity to use them for malicious purposes. Here's how to identify and delete vulnerable subdomains before attackers do.

A network of linked question marks.

6 board of directors security concerns every CISO should be prepared to address

The COVID pandemic and spike in cybercriminal activity has raised interest in security among corporate boards. These are the concerns and questions CISOs say they are now hearing from them.

Security system alert, warning of a cyberattack.

How to prepare for the next SolarWinds-like threat

It is possible to minimize the risk from nation-state attacks like SolarWinds. This is the best advice based on what experts have learned so far.

HTTP prefix sympolizing a web address / URL/ domain being manipulated by a hacker.

What is typosquatting? A simple but effective attack technique

Typosquatting is a type of social engineering attack that uses purposely misspelled domains for a variety of malicious purposes.

malicious email with skull and crossbones

14 tips to prevent business email compromise

Criminals fool victims into clicking on malicious links or assisting in financial theft by sending emails that mimic real senders and real companies. Here's how to stop BEC.

Russian hammer and sickle / binary code

SolarWinds attack explained: And why it was so hard to detect

A group believed to be Russia's Cozy Bear gained access to government and other systems through a compromised update to SolarWinds' Orion software. Most organizations aren't prepared for this sort of software supply chain attack.

cyber attack alert / data breach

FireEye breach explained: How worried should you be?

The theft of red team tools, allegedly by Russia's Cozy Bear group, poses only a small threat to other organizations. The real lesson: Anyone can be hacked.

trojan horse malware virus binary by v graphix getty

TrickBot explained: A multi-purpose crimeware tool that haunted businesses for years

TrickBot is one of the longest-lived botnets on the internet and represents a major threat to businesses and other organizations because it serves as a distribution platform for the infamous Ryuk ransomware and other threat actors.

medical network h/ ealthcare IoT / hospital connections and communications

Publicly known support credentials expose GE Healthcare imaging devices to hacking

The vulnerability gives hackers a means to access sensitive data, execute malicious code on devices and impact their operation.

Declining line graph / decreasing trend chart showing impact of the virus

Top 4 security trends to watch for 2021

Bad news: Ransomware becomes a bigger threat, and it becomes harder to find security talent. Good news: CISOs gain clout, and security infrastructure will improve.

CSO  >  security threats / laptop bombarded by attacks

6 new ways threat actors will attack in 2021

Cyber criminals will leverage improved capabilities and vulnerabilities introduced during the COVID crisis to improve the efficiency of their attacks.

Malware alert  >  United States Capitol Building

TrickBot gets new UEFI attack capability that makes recovery incredibly hard

Researchers discover a new TrickBot module that allows malware to persist even after reformatting or replacing a hard drive.

cubes - blocks - squares - containers - storage - repository

Half of all Docker Hub images have at least one critical vulnerability

New research reveals the scale at which criminals have exploited public open-source Docker repositories to plant malware among container images.

Load More
You Might Also Like