Articles about Cybercrime

Despite the fact that in recent months we've seen cybercriminals focusing their efforts on businesses, 68 percent of infections are seen on consumer endpoints, compared to 32 percent on business endpoints.

This is one of the findings of the latest Webroot Threat Report, which also shows that legitimate websites are frequently compromised to host malicious content, with 40 percent of malicious URLs hosted on good domains.

Continue reading →

Thanks to the huge volume of stolen credentials now available online, credential stuffing has become a major issue for the retail industry.

A new report from edge platform specialist Akamai shows that hackers directed credential abuse attempts at retail sites more than 10 billion times from May to December last year.

Continue reading →

Social media-enabled cybercrimes are generating at least $3.25 billion in global revenue annually according to a new report.

The study released by virtualization-based security company Bromium and  researched and written by Dr Mike McGuire, senior lecturer in criminology at the University of Surrey, looks at the range of techniques used by cybercriminals to exploit trust and enable rapid infection across social media.

Continue reading →

The latest Symantec Annual Threat Report reveals that cybercriminals are continuing to follow the money, but as ransomware and cryptojacking show falling returns they are turning to other techniques.

One of these is formjacking -- essentially virtual ATM skimming -- where cybercriminals inject malicious code into retailers' websites to steal shoppers' payment card details.

Continue reading →

While it’s essential that employees consistently avoid taking risks that could lead to a data breach, even top-performing employees don’t necessarily have top-notch cybersecurity knowledge. Thus, organizations are in charge of bridging the cybersecurity skill gap to keep employees from damaging the company’s network by accidentally uploading of a malicious program or sharing confidential documents with the wrong people.

Though it’s easy for IT and leadership teams to put systems in place that defend their network from external threats, well-intentioned internal users can be a hackers easy way in. The only way for organizations to counter this is with education and training.

Continue reading →

The average cost of a cyberattack is now estimated at $1.1 million, according to a new report from cybersecurity company Radware. For organizations that calculate rather than estimate the cost of an attack, that number increases to $1.67M.

The main impact of cyberattacks, as reported by respondents, is operational/productivity loss (54 percent), followed by negative customer experience (43 percent). What’s more, almost half (45 percent) report that the goal of the attacks they suffered was service disruption. Another third (35 percent) say the goal was data theft.

Continue reading →

Americans are more worried about a cyberattack disrupting the financial and banking system than attacks against hospital/emergency services, voting systems or power grid/energy supply companies.

This is among the findings of a survey by ESET to mark National Critical Infrastructure Security and Resilience Month, which surveyed 1,500 Americans to discover their views on critical infrastructure attacks.

Continue reading →

An anti-fraud operation led by the FBI has succeeded in disrupting a scam that has seen cybercriminals using botnets to manipulate internet traffic from 1.7 million IP addresses and generate nearly 30 million dollars in fraudulent ad revenue.

The ad fraud ring, known as '3ve' had been operating for a number of years and built two different botnets by spreading Kovter and Boaxxe malware to individuals through spam emails and drive-by downloads.

Continue reading →

The world has a number of less-than-bright criminals, from those who become stuck in their exit route (think vent pipes and the like), to those who get caught through use of a stolen device. Facebook has even led to a few arrests of people who bragged or posted the video evidence online.

Although this story is courtesy of Facebook, one alleged criminal took an interesting approach to outing himself. While the whole situation is sad for the victim, the end is shocking.

Continue reading →

After a relatively quiet first half of the year, cyberattacks have come back with a bang in the third quarter according to the latest report from Malwarebytes.

Businesses seem to have become the main focus of attacks, experiencing more cybercriminal activity this quarter, with detections up by 55 percent, while consumer detections increased by only four percent over the last quarter.

Continue reading →

While the majority of cyberattacks are aimed at businesses and other organizations, an increasing number are targeting ordinary users, according to the latest report from Positive Technologies.

The most attractive targets were personal data (30 percent) and credentials (22 percent), especially for online banking. To steal this data, attackers compromised a wide range of websites, including web stores, ticket vendors, and hotel booking services.

Continue reading →

Industry increasingly relies on automated systems for the control of processes, but a new report from Kaspersky Lab shows that 41.2 percent of industrial control systems (ICS) computers were attacked by malicious software at least once in the first half of this year.

Based on analysis of systems protected by Kaspersky Lab solutions, the data shows that in 2017, the percentage of ICS computers attacked was 36.61 in the first half of the year and 37.75 in the second half.

Continue reading →

According to the ESG brief: 2017 Cybersecurity Spending Trends, 45 percent of organizations claim to have a problematic shortage of cybersecurity skills. Another ESG report, The Life and Times of Cybersecurity Professionals, reveals that 27 percent of cybersecurity professionals say that the cybersecurity skills shortage has had a significant impact on their organizations.

Training a capable IT staff to keep their network secure and running amid a growing threat landscape is a business imperative. Here’s a look at what executives need to keep in mind to increase the security posture of their organization through cybersecurity training.

Continue reading →

We reported last week on a report highlighting how many security professionals are turning to a life of cybercrime.

In a follow up research piece, Wendy Zamora at Malwarebytes, has been looking at the psychology, motivations and other underlying factors that drive people to take part in cybercrime.

Continue reading →

The attractions and profitability of the digital underworld are leading some security practitioners to become 'gray hats' and get involved in cybercrime according to a new report from Malwarebytes.

The study carried out by Osterman Research finds that in the UK as many as one in 13 security professionals are perceived to be gray hats. Globally, mid-sized organizations (those with 500 to 999 employees) are getting squeezed the hardest, and this is where the skills shortage, and the allure of becoming a gray hat, may be greatest.

Continue reading →