Articles about Cybercrime

The UK's National Cyber Security Centre has released its annual review for 2019 which sets out cybersecurity trends and looks at how the agency has been protecting consumers and businesses.

One of the most interesting findings is the list of most hacked passwords. 'Superman', exposed 333,139 times, and 'blink182', exposed 285,706 times, top the lists for fictional characters and musicians respectively. If you are a soccer fan, 'liverpool', exposed 280,723 times, is not a good password choice. But it's old favorite '123456', exposed more than 23 million times, that's top overall.

Continue reading →

Nearly a quarter of malicious URLs are being hosted on trusted domains, as hackers know trusted domain URLs raise less suspicion among users and are more difficult for security measures to block.

This is one of the findings of the latest Webroot threat report which also shows 29 percent of detected phishing web pages use HTTPS as a method to trick users into believing they're on a trusted site via the padlock symbol.

Continue reading →

The collapse of travel firm Thomas Cook has caused chaos for hundreds of thousands of holidaymakers around the world. But if losing out on planned trips was not bad enough, cybercriminals are taking advantage of the confused situation to scam customers out of their money.

There have been numerous reports of fraudsters pretending to be representatives of either Thomas Cook or a bank, using the promise of a refund to get people to part with bank account details.

Continue reading →

US retailers are under siege as nearly two thirds (62 percent) report experiencing a data breach and over a third (37 percent) say they were breached in the past year, according to the latest report produced by IDC for Thales.

This high rate of data breaches comes amidst a decline in the rate of growth in security spending. Less than two thirds (62 percent) say that they are increasing spending this year compared to 84 percent last year, yet nearly all (96 percent) of the retailers surveyed claimed they use sensitive data within digitally transformative environments.

Continue reading →

The finance industry is a prime target for cyberattacks and a new report from F-Secure shows that it's facing a wide range of threats that go far beyond traditional theft.

Attacks targeting banks, insurance companies, asset managers and similar organizations can range from common script-kiddies to organized criminals and state-sponsored actors. And these attackers have an equally diverse set of motivations for their actions, with many seeing the finance sector as a tempting target due to its importance in national economies.

Continue reading →

Cybercriminals are getting better at monetizing their activities, with more than two million cyber incidents in 2018 resulting in over $45 billion in losses, with actual numbers expected to be much higher as many cyber incidents are never reported.

The Internet Society's Online Trust Alliance (OTA) has released a report which finds the financial impact of ransomware rose by 60 percent last year, and losses from business email compromise doubled, despite the fact that overall breaches and exposed records were down.

Continue reading →

Bad actors have been seeking opportunities to take advantage of unsophisticated netizens or unprotected organizations since the dawn of the World Wide Web, but today’s bad actors are in a class by themselves. Nation-state actors, often operating through a vast network of well-funded proxies, strive to exert influence, threaten stability, and sow discord through the mechanisms of cyberspace. Hacktivist organizations seek to undermine, damage or discredit organizations whose agendas and politics they oppose.

They may not be as well funded as nation-state actors, but they are populated by technically sophisticated people who have bought into a cause -- and when these people work together, they can pose serious threats to those with whom they disagree.

Continue reading →

While banking and identity information has been traded on the dark web for a long time, a new report from Carbon Black shows a new focus on tax identities.

The company's research shows previous year's W-2 forms and 1040 forms available on the dark web at relatively low cost, ranging from $1.04 to $52. Names, social security numbers and birthdates can be obtained for a price ranging from $0.19 to $62.

Continue reading →

A new survey of professionals in industries using industrial control systems (ICS) and operational technology (OT) finds 90 percent of respondents say their environment has been damaged by at least one cyberattack over the past two years, with 62 percent experiencing two or more attacks.

The study commissioned by Tenable from the Ponemon Institute also finds 80 percent of respondents cite lack of visibility into the attack surface, knowing what systems are part of their IT environments, as the number one issue in their inability to prevent business-impacting cyberattacks.

Continue reading →

We all know that cybersecurity is a major issue, but it can sometimes be hard to grasp the scale of the problem and who is at risk.

Software reviews site TechJury has created an infographic to vizualize what is happening in the cybersecurity field as well as the top threats to look out for.

Continue reading →

Attacks using banking Trojans are among the most popular with cybercriminals as they are focused directly on financial gain.

According to a new report from Kaspersky Lab, 889,452 users of Kaspersky Lab solutions were attacked by banking Trojans last year, an increase of 15.9 percent compared to 2017.

Continue reading →

There is an acknowledged shortage of security talent in the West, but at the same time a lack of opportunity in many developing nations such as South America and India is leading to fledgling talent utilising its expertise for nefarious acts rather than for legal activity.

But a new approach to threat detection and prevention could help address the skills shortage while giving cybersecurity talent in developing countries the chance to earn an honest wage. We spoke to Steve Bassi, CEO of PolySwarm to find out more.

Continue reading →

Levels of attack traffic observed by F-Secure's network of decoy honeypots in 2018 increased by 32 percent over the previous year, and increased fourfold in the latter half of 2018 compared with the first half of the year.

The report suggests that many companies may not have the visibility they need to catch attacks that make it past preventative measures like firewalls and endpoint protection.

Continue reading →

Despite the fact that in recent months we've seen cybercriminals focusing their efforts on businesses, 68 percent of infections are seen on consumer endpoints, compared to 32 percent on business endpoints.

This is one of the findings of the latest Webroot Threat Report, which also shows that legitimate websites are frequently compromised to host malicious content, with 40 percent of malicious URLs hosted on good domains.

Continue reading →

Thanks to the huge volume of stolen credentials now available online, credential stuffing has become a major issue for the retail industry.

A new report from edge platform specialist Akamai shows that hackers directed credential abuse attempts at retail sites more than 10 billion times from May to December last year.

Continue reading →