Articles about Cybercrime

US retailers are under siege as nearly two thirds (62 percent) report experiencing a data breach and over a third (37 percent) say they were breached in the past year, according to the latest report produced by IDC for Thales.

This high rate of data breaches comes amidst a decline in the rate of growth in security spending. Less than two thirds (62 percent) say that they are increasing spending this year compared to 84 percent last year, yet nearly all (96 percent) of the retailers surveyed claimed they use sensitive data within digitally transformative environments.

Continue reading →

The finance industry is a prime target for cyberattacks and a new report from F-Secure shows that it's facing a wide range of threats that go far beyond traditional theft.

Attacks targeting banks, insurance companies, asset managers and similar organizations can range from common script-kiddies to organized criminals and state-sponsored actors. And these attackers have an equally diverse set of motivations for their actions, with many seeing the finance sector as a tempting target due to its importance in national economies.

Continue reading →

Cybercriminals are getting better at monetizing their activities, with more than two million cyber incidents in 2018 resulting in over $45 billion in losses, with actual numbers expected to be much higher as many cyber incidents are never reported.

The Internet Society's Online Trust Alliance (OTA) has released a report which finds the financial impact of ransomware rose by 60 percent last year, and losses from business email compromise doubled, despite the fact that overall breaches and exposed records were down.

Continue reading →

Bad actors have been seeking opportunities to take advantage of unsophisticated netizens or unprotected organizations since the dawn of the World Wide Web, but today’s bad actors are in a class by themselves. Nation-state actors, often operating through a vast network of well-funded proxies, strive to exert influence, threaten stability, and sow discord through the mechanisms of cyberspace. Hacktivist organizations seek to undermine, damage or discredit organizations whose agendas and politics they oppose.

They may not be as well funded as nation-state actors, but they are populated by technically sophisticated people who have bought into a cause -- and when these people work together, they can pose serious threats to those with whom they disagree.

Continue reading →

While banking and identity information has been traded on the dark web for a long time, a new report from Carbon Black shows a new focus on tax identities.

The company's research shows previous year's W-2 forms and 1040 forms available on the dark web at relatively low cost, ranging from $1.04 to $52. Names, social security numbers and birthdates can be obtained for a price ranging from $0.19 to $62.

Continue reading →

A new survey of professionals in industries using industrial control systems (ICS) and operational technology (OT) finds 90 percent of respondents say their environment has been damaged by at least one cyberattack over the past two years, with 62 percent experiencing two or more attacks.

The study commissioned by Tenable from the Ponemon Institute also finds 80 percent of respondents cite lack of visibility into the attack surface, knowing what systems are part of their IT environments, as the number one issue in their inability to prevent business-impacting cyberattacks.

Continue reading →

We all know that cybersecurity is a major issue, but it can sometimes be hard to grasp the scale of the problem and who is at risk.

Software reviews site TechJury has created an infographic to vizualize what is happening in the cybersecurity field as well as the top threats to look out for.

Continue reading →

Attacks using banking Trojans are among the most popular with cybercriminals as they are focused directly on financial gain.

According to a new report from Kaspersky Lab, 889,452 users of Kaspersky Lab solutions were attacked by banking Trojans last year, an increase of 15.9 percent compared to 2017.

Continue reading →

There is an acknowledged shortage of security talent in the West, but at the same time a lack of opportunity in many developing nations such as South America and India is leading to fledgling talent utilising its expertise for nefarious acts rather than for legal activity.

But a new approach to threat detection and prevention could help address the skills shortage while giving cybersecurity talent in developing countries the chance to earn an honest wage. We spoke to Steve Bassi, CEO of PolySwarm to find out more.

Continue reading →

Levels of attack traffic observed by F-Secure's network of decoy honeypots in 2018 increased by 32 percent over the previous year, and increased fourfold in the latter half of 2018 compared with the first half of the year.

The report suggests that many companies may not have the visibility they need to catch attacks that make it past preventative measures like firewalls and endpoint protection.

Continue reading →

Despite the fact that in recent months we've seen cybercriminals focusing their efforts on businesses, 68 percent of infections are seen on consumer endpoints, compared to 32 percent on business endpoints.

This is one of the findings of the latest Webroot Threat Report, which also shows that legitimate websites are frequently compromised to host malicious content, with 40 percent of malicious URLs hosted on good domains.

Continue reading →

Thanks to the huge volume of stolen credentials now available online, credential stuffing has become a major issue for the retail industry.

A new report from edge platform specialist Akamai shows that hackers directed credential abuse attempts at retail sites more than 10 billion times from May to December last year.

Continue reading →

Social media-enabled cybercrimes are generating at least $3.25 billion in global revenue annually according to a new report.

The study released by virtualization-based security company Bromium and  researched and written by Dr Mike McGuire, senior lecturer in criminology at the University of Surrey, looks at the range of techniques used by cybercriminals to exploit trust and enable rapid infection across social media.

Continue reading →

The latest Symantec Annual Threat Report reveals that cybercriminals are continuing to follow the money, but as ransomware and cryptojacking show falling returns they are turning to other techniques.

One of these is formjacking -- essentially virtual ATM skimming -- where cybercriminals inject malicious code into retailers' websites to steal shoppers' payment card details.

Continue reading →

While it’s essential that employees consistently avoid taking risks that could lead to a data breach, even top-performing employees don’t necessarily have top-notch cybersecurity knowledge. Thus, organizations are in charge of bridging the cybersecurity skill gap to keep employees from damaging the company’s network by accidentally uploading of a malicious program or sharing confidential documents with the wrong people.

Though it’s easy for IT and leadership teams to put systems in place that defend their network from external threats, well-intentioned internal users can be a hackers easy way in. The only way for organizations to counter this is with education and training.

Continue reading →