Articles about Cybercrime

IT security professionals are more than twice as worried about data breaches and cyberattacks today than they were this time last year according to two new reports.

The International Cyber Benchmarks Index and The Changing Face of Cyber Attacks, from the Neustar International Security Council (NISC), reveal the greatest threats as system compromises and ransomware, with 20 percent listing both as their primary concern

Continue reading →

Malware writers have been using a free market model to sell their wares for some time. The success of this approach is clear from new research by Positive Technologies that finds demand for malware creation on the dark web is three times greater than supply.

Demand for malware distribution is twice the supply. This mismatch of supply and demand has led to interest among criminals in new tools, which are becoming more readily available in the form of partner programs that include malware-as-a-service and malware distribution-for-hire.

Continue reading →

Cyberattacks come in many forms and from many sources, but a new report from endpoint security company Carbon Black reveals an increasing number originate from nation states with espionage as their goal.

The findings show that 81 percent of incident response (IR) professionals say the majority of attacks come from Russia, while 76 percent say the majority come from China. These foreign actors are seeking more than just financial gain or theft -- 35 percent of IR professionals say the attackers' end goal is espionage.

Continue reading →

When usernames and passwords are exposed through a data breach or attack on users, criminals harvest these credentials and test them on a wide range of websites and mobile applications, a practice known as 'credential stuffing'.

A new report by security and anti-fraud specialist Shape Security looks at the lifecycle of stolen credentials and at the damage their use can cause.

Continue reading →

No business is immune from cyber attack, and smaller companies are often targeted as they lack the resources to put into first class protection.

A new survey by cybersecurity company Webroot of 600 IT decision makers (ITDMs) at small- to medium-sized businesses, finds that the attacks organizations believed themselves to be most susceptible to in 2017 are rapidly shifting in 2018, while businesses still feel underprepared.

Continue reading →

Website attacks increased 14 percent in the first quarter of 2018 compared to the final quarter of 2017 as cybercriminals set their sights on independent websites and small businesses.

Figures from website security specialist SiteLock show that one percent of sampled sites are infected at any one time. This may not sound much, but it means 18.7 million sites are infected.

Continue reading →

As the FIFA World Cup tournament enters its second week, cybercriminals are using a phishing campaign to trick fans into opening an infected attachment.

Emails identified by Check Point attempt to lure would-be victims into downloading a schedule of fixtures and a result tracker, but doing so will prove to be an own goal.

Continue reading →

Kaspersky Lab has published a report in which it reveals that a Chinese hacking group has attacked the national data center of an unnamed Central Asian country.

The cyberattacks are said to have been carried out by a group known as LuckyMouse -- but also goes by the names Iron Tiger, Threat Group-3390, EmissaryPanda and APT27. The attacks started in 2017, and Kaspersky says that malicious scrips were injected into official website to conduct country-level waterholing campaign.

Continue reading →

Another week, another cyberattack. This time around, it's the Dixons Carphone group which says it has fallen victim to not one but two major breaches.

The bank card details of 5.9 million customers have been accessed by hackers in the first breach. In the second, the personal records of 1.2 million people have been exposed.

Continue reading →

Cybercriminals are increasingly using the dark web to facilitate cryptocurrency theft on a large scale, according to cybersecurity company Carbon Black.

The company’s research has uncovered a total of $1.1 billion in cryptocurrency-related thefts during the past six months and finds there are currently an estimated 12,000 dark web marketplaces selling approximately 34,000 offerings related to crypto theft.

Continue reading →

Robbing a bank used to involve a mask, a gun and a fast car, but these days it's more likely to be done via the safer and no less lucrative means of a cyberattack.

A new report from cloud security specialist Carbon Black, based on responses from CISOs at 40 major financial institutions -- including six of the top 10 global banks -- seeks to better understand the attack landscape.

Continue reading →

Not so long ago the idea of email fraud mainly involved Nigerian princes asking for your help to liberate a few million dollars.

Things have moved on and the scammers have become more sophisticated, but email fraud is no less of a threat according to a new study by email security specialist Agari, which studied activity on 78 criminal email accounts over a period of 10 months.

Continue reading →

President Trump's re-imposition of sanctions against Iran could lead the country to respond by launching cyber attacks on Western businesses within months, according to a new report.

Threat intelligence company Recorded Future has today released new research and analysis into the Iranian cyber threat.

Continue reading →

A critical remote code execution vulnerability has been discovered in two Schneider Electric applications heavily used in manufacturing, oil and gas, water, automation and wind and solar power facilities.

The vulnerability, discovered by cyber exposure company Tenable, could, if exploited, give cyber criminals complete control of the underlying system.

Continue reading →

We reported earlier this month on the ways in which cyber criminals spend their ill-gotten gains.

The company behind those findings, Bromium, has now released more details from its research, which exposes a huge cybercrime-based economy and the professionalization of cybercrime.

Continue reading →