Articles about Cybercrime

Researchers at managed security services provider Nuspire have released their latest quarterly threat report which looks at the top botnet, malware and exploit activity throughout 2019, focusing in on the fourth quarter.

Among the findings are that malicious cyber-activity declined towards the end of the year, partly as a result of hectic holiday schedules and vacations with fewer employees around to interact with malicious activity.

Continue reading →

Software-defined perimeters (SDP) use a combination of strong authentication, granular authorization and network segmentation to enable access from anywhere, creating a new kind of defense against a variety of cyberattacks. SDP is more secure than a firewall or a VPN and is more granular than a NAC. Compared to these alternative approaches, SDP offers improved security and operational simplicity for users and IT admins alike.

SDP employs multiple techniques in order to provide secure access. First, it leverages identity and access management (IAM) to authenticate every user that attempts to access a resource or application on the network. It then employs granular authorization to restrict the services that each user can access once logged in. Perhaps the most powerful aspect of the approach is its ability to provide "resource cloaking", ensuring that no DNS information or "visible" IP ports of protected resources are exposed to the Internet, which significantly reduces a network’s attack surface. This has the effect of creating a resilient defense against common attacks that hackers employ, such as the following:

Continue reading →

The compromised information from credit card breaches often ends up on dark web marketplaces, leaving victims at risk for having their precious information sold in a transaction that's entirely out of their control.

But, people often are clueless about whether their breached data ended up on the dark web. Many assume it did and, hopefully, go through the recommended steps to stay safe from cyber identity theft.

Continue reading →

Check Point Research has released its 2020 Cyber Security Report, looking at the key malware and cyber-attack trends during 2019.

Even though cryptomining declined during 2019, linked to cryptocurrencies' fall in value and the closure of the Coinhive operation in March, 38 percent of companies globally were impacted by crypto-miners in 2019, up from 37 percent the previous year. Crypto-miners remain a low-risk, high-reward activity for criminals.

Continue reading →

Mass cyber attacks are now being outnumbered by targeted attacks, with 65 percent of the total in the third quarter of 2019 being targeted, compared to 59 percent in the previous quarter.

The latest threatscape report from Positive Technologies also shows data theft grew to 61 percent of all attacks on organizations and 64 percent of all attacks on individuals (compared to 58 and 55 percent respectively in the second quarter). The share of attacks with direct financial motivation was 31 percent.

Continue reading →

A new report from attack surface management company RiskIQ shows attackers will leverage popular brands and unsafe consumer shopping habits in the run up to the peak holiday shopping period.

Of all apps that can be found by searching for terms related to holiday shopping, 951, or two percent, are blacklisted as malicious -- a 20 percent increase.

Continue reading →

Organizations are being targeted by a mixture of simple, low effort and low-cost attacks along with more sophisticated, targeted campaigns, according to the latest quarterly Threat Intelligence Report from security and compliance specialist Mimecast.

Based on analysis of over 200 billion emails, the report looks at the four main categories of attack types discovered in the quarter: spam, impersonation, opportunistic, and targeted. This quarter's report finds that impersonation attacks are on this rise, accounting for 26 percent of total detections -- and now include voice phishing or 'vishing.'

Continue reading →

Some 72 percent of retailers globally have experienced a cyberattack, with 61 percent experiencing one in the last year, yet 50 percent don't have a response plan in place to deal with data breaches.

This is among the findings of a new study carried out by the Ponemon Institute for Keeper Security, which also shows the average cyberattack on a retailer involving the loss of customer/employee data results in 7,772 individual records lost or stolen, with an average price tag of $1.9M from the disruption of normal operations.

Continue reading →

Comparing all of 2018 against just the first three quarters of 2019 has seen a 60 percent increase in threat detections at healthcare organizations, according to a new report from Malwarebytes.

The industry has been overwhelmingly targeted by Trojan malware during the last year, with attacks increased by 82 percent in Q3 2019 over the previous quarter. The two most dangerous Trojans of 2018–2019 for all industries, Emotet and TrickBot, were the two main culprits.

Continue reading →

Online fraud increased 30 percent overall in the third quarter of this year and bot-driven account registration fraud is up 70 percent as cybercriminals test stolen credentials in advance of the peak holiday retail season.

These are among the findings of the latest Fraud and Abuse report from Arkose Labs, its analysis of over 1.3 billion transactions spanning account registrations, logins and payments, reveals that one in five account openings were fraudulent.

Continue reading →

A survey of over 1,000 IT workers, carried out by technology services provider Probrand reveals that more than one in five (21 percent) don't actually know what constitutes a 'cyberattack'.

Used as a catch-all term, cyberattack can cover everything from a simple phishing email, right across to a large-scale server attack, however, many IT workers have never seen, or don't understand, what the real detail of an attack actually looks like.

Continue reading →

A Europe-wide survey of almost 600 successful businesses reveals that 61 percent of business leaders on the board of their company believe that in the war against cybercrime the hackers are more sophisticated than the software developers.

The study carried out for global network RSM by the European Business Awards also finds that 60 percent of these board members believe they may have been breached without them knowing and 73 percent consider themselves at risk from cybercrime.

Continue reading →

The UK's National Cyber Security Centre has released its annual review for 2019 which sets out cybersecurity trends and looks at how the agency has been protecting consumers and businesses.

One of the most interesting findings is the list of most hacked passwords. 'Superman', exposed 333,139 times, and 'blink182', exposed 285,706 times, top the lists for fictional characters and musicians respectively. If you are a soccer fan, 'liverpool', exposed 280,723 times, is not a good password choice. But it's old favorite '123456', exposed more than 23 million times, that's top overall.

Continue reading →

Nearly a quarter of malicious URLs are being hosted on trusted domains, as hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block.

This is one of the findings of the latest Webroot threat report which also shows 29 percent of detected phishing web pages use HTTPS as a method to trick users into believing they're on a trusted site via the padlock symbol.

Continue reading →

The collapse of travel firm Thomas Cook has caused chaos for hundreds of thousands of holidaymakers around the world. But if losing out on planned trips was not bad enough, cybercriminals are taking advantage of the confused situation to scam customers out of their money.

There have been numerous reports of fraudsters pretending to be representatives of either Thomas Cook or a bank, using the promise of a refund to get people to part with bank account details.

Continue reading →