Articles about Cybercrime

A new report from HP Wolf Security reveals cybercriminal marketplaces offering low-level attackers the tools needed to bypass detection and infect users in the form of so-called 'meal kits'.

These are pre-packaged malware kits which give low-level attackers all the ingredients to evade detection tools, making it easier for them to breach organizations and steal sensitive data.

Continue reading →

A new report from GuidePoint Security's Research and Intelligence Team (GRIT) shows a total of 3,385 publicly posted ransomware victims in the first three quarters of this year, claimed by 57 different threat groups, representing an 83 percent year-on-year increase.

Attacks directed against US-based organizations decreased, but there has been a marked increase in attacks impacting other nations. Other countries consistently affected, like the UK, saw an approximate 41 percent increase in attacks in Q3.

Continue reading →

Identity management company AU10TIX has released its latest Global Identity Fraud Report, based on insights from millions of transactions processed in 249 countries from April to June 2023.

It finds there has been a 44 percent increase in organized ID fraud in North America compared to preceding quarters. This upsurge is believed to be driven by the ongoing economic recovery and inflationary pressures, particularly in the US market, which are emboldening professional ID fraud syndicates.

Continue reading →

A new report from Netskope looks at the activities of cybercriminals based on the techniques and motivators that were most commonly detected among its customers in the first three quarters of 2023.

In news that will come as a surprise to precisely nobody it shows that the highest percentage of cybercriminal activity comes from Russia, while China accounts for most politically-motivated attacks.

Continue reading →

Ransomware is being deployed within one day of initial access in more than 50 percent of engagements, according to research from Secureworks Counter Threat Unit.

In the last 12 months the median dwell time identified in the annual Secureworks State of the Threat Report has fallen from 4.5 days to less than one day. In 10 percent of cases, ransomware was even deployed within five hours of initial access.

Continue reading →

Artificial intelligence (AI) has been an evolving trend at the very center of cybersecurity in recent years. However, the release of a wave of new tools such as ChatGPT and Microsoft's Jasper chatbot have sparked fresh concerns about the potential for cybercriminals to leverage increasingly sophisticated technologies for nefarious purposes.

We spoke to Zach Fleming, principal architect at Integrity360, to explore whether AI can be used to create sophisticated malware and hacking tools capable of bringing down entire networks. We'll consider which concerns are valid by highlighting the current state of AI, and we'll explore how security teams can best combat the use of AI in cybercrime.

Continue reading →

Account takeover (ATO) attacks jumped a massive 354 percent year-on-year in Q2 2023 according to the latest quarterly Digital Trust and Safety Index from Sift.

Analysis across Sift's global network shows the fintech and food and beverage categories experienced especially large increases. ATO spiked 808 percent across fintech, hitting loyalty sites and crypto, and opening the gate to downstream payment fraud, while the food and beverage industry saw a 485 percent increase in ATO.

Continue reading →

We all know that bad bots are, well… Bad. But open banking is supposed to be good, giving consumers more control over their finances. Combine open banking and bad bots though and you have opened up a world of new threats to banks, customers, and their data.

We spoke to Alan Ryan, AVP for UK and Ireland at Imperva, about how open banking has created new opportunities for cybercriminals, and why the traditional siloed approach to security needs re-appraising.

Continue reading →

Cybercriminals have launched approximately 7.9 million DDoS attacks in the first half of 2023, representing a 31 percent year-on-year increase.

A new report from NETSCOUT shows global events like the Russia-Ukraine war and recent NATO bids have driven recent DDoS attack growth.

Continue reading →

It won't come as any surprise that there's a thriving market among threat actors for the latest vulnerability exploits. A new report from Flashpoint lifts the lid on this world and reveals the exact vulnerability exploits that were listed for sale, purchased, and/or traded in the first half of 2023.

One of the most expensive was a remote code execution exploit for Adobe Commerce -- the eCommerce platform formerly known as Magneto -- which was listed for sale at $30,000. A Citrix ShareFile exploit was priced at $25,000.

Continue reading →

Over half of the UK population (53 percent) would be supportive of the UK government and its allies breaking international cybersecurity law.

A new survey by Censuswide, on behalf of International Cyber Expo, also shows 45 percent have admitted they would be supportive of, or engage in online cybercriminal activity themselves, in the right circumstances.

Continue reading →

As workers take time off for summer holidays it means greater risk that personal devices and public Wi-Fi will be used to access sensitive corporate data.

Vulnerability management specialist Hackuity warns that this is a time when organizations are at their most vulnerable and cybercriminals are well aware of the fact.

Continue reading →

We've already seen how generative AI can be used in cyberattacks but now it seems there's an AI model aimed just a cybercriminals.

Every hero has a nemesis and it looks like ChatGPT's could be FraudGPT. Research from security and operations analytics company Netenrich shows recent activities on the Dark Web Forum reveal evidence of the emergence of FraudGPT, which has been circulating on Telegram Channels since July 22nd.

Continue reading →

A new report from GuidePoint Security shows a startling 100 percent increase in publicly posted ransomware victims from Q2 2022 to the last quarter.

The study from the GuidePoint Research and Intelligence Team (GRIT) also shows a 38 percent increase in public victims compared to Q1 of this year.

Continue reading →

Recent Salesforce research shows 52 percent of consumers expect their offers to be personalized. To create these tailored offerings and drive a seamless customer experience, retailers gather vast amounts of personally identifiable information (PII) -- from addresses to purchasing history and payment information. This makes them an irresistible -- and relatively low risk -- target for cybercriminals. As a result, data breaches within retail are increasingly common, even for major retailers -- as we saw earlier this year with the JD Sports Data Breach, which exposed the PII of around 10 million people.

To help protect consumers, governing bodies are putting increased pressure on companies to comply with data protection rules -- including the UK’s upcoming Data Protection and Digital Information Bill. Consumer trust is key when it comes to retail too. So, companies unable to protect their customer data not only risk enormous fines, but significant damage to their brand reputation. So, following recent high-profile retail breaches, how can brands protect their customers’ personal data? 

Continue reading →