Articles about Cybercrime

Historically, government organizations have faced fewer attacks than their peers in other industries, particularly education and healthcare. But state and local governments have become a popular target for bad actors over the last two years -- nearly half of all ransomware in 2020 targeted municipalities. And in 2021, almost 60 percent of state and local governments faced a ransomware attack, up from just one-third of government organizations the year before.

The trend toward more frequent government ransomware attacks is concerning for several reasons. First and foremost, governments provide constituents with critical, everyday infrastructure, which makes ransomware-related outages costly and damaging. This incentivizes government IT leaders to address ransomware breaches quickly by paying the ransom. Second, and equally important, many state and local governments continue to use legacy hardware for their IT infrastructure. Without cloud-based protections and modernized cybersecurity protocols, many state and local governments face an uphill battle when it comes to addressing ransomware.

Continue reading →

New research from Kasada shows a 50 percent jump in bad bot activity during Black Friday week, with bot operators using customized open-source development tools, headless browsers, and new Solver Services to conduct their attacks at scale.

The report also shows a six times spike in automated gift card lookups this holiday shopping season, a key indicator that fraudsters are using bots to identify and steal gift card balances.

Continue reading →

New data from managed security service provider Nuspire reveals large increases in overall threat activity in the second quarter of this year continued throughout Q3, with additional growth in both exploits and botnets.

There's been a 236.22 percent jump in Kryptik variants -- a type of trojan malware distributed to victims through phishing campaigns, the goal being to steal information, including cryptocurrency wallets, files and SSH keys.

Continue reading →

It's safe to say that Hollywood and pop culture have not always been kind to the tech and cybersecurity industry.

Throughout the years, movies and TV shows have established a stereotype of how IT and security experts should look, with one of the biggest stereotypes being the representation of a hacker.

Continue reading →

Ransomware actors have been forming affiliate gangs and using new tactics in order to lure additional victims, according to a new report.

The latest 2022 Bi-Annual Cyber Threat Report from Deep Instinct reveals changes in the world of ransomware gangs, including LockBit, Hive, BlackCat, and Conti.

Continue reading →

Do you know what IT devices are in your business or on your network right now? If not, it’s not just cybercriminals that might be knocking on your door very soon, but the White House.

Binding Operational Directive 23-01, or BOD 23-01, is a new directive from the U.S. Cybersecurity and Infrastructure Security Agency. CISA has issued a Binding Operational Directive (BOD) that orders federal agencies in the country to keep track of their IT assets and any vulnerabilities on their networks.

Continue reading →

Critical infrastructure is a prime target for cybercriminals and nation state actors. It often operates on legacy operational technologies (OT) which have vulnerabilities that can't be fixed easily or directly. 

We spoke to John Moran, technical director, business development at Tufin, to discuss how organizations can protect themselves. John is a former incident response consultant and is a cybercrime forensics expert.

Continue reading →

The latest report from email security and threat detection company Vade shows the volume of phishing emails up 31 percent in the last quarter compared to Q2.

Volumes peaked in July (79.2 million), dipping in August (57.5 million), and rebounding in September (67.2 million). If this pace continues through Q4, phishing volumes in the second half of 2022 are set to exceed those reached in the first half (315 million).

Continue reading →

Although we've been told for years that their days are numbered, passwords are still a major part of our security defenses.

New research from Rapid7 looks at two of the most popular protocols used for remote administration, SSH and RDP, to get a sense of how attackers are taking advantage of weaker password management to gain access to systems.

Continue reading →

The period from July to September this year has seen 27 ransomware variants used to conduct 455 attacks according to cybercrime intelligence company Intel 471's Spot Reports and Breach Alerts.

This represents a decrease of 38 attacks from the second quarter of 2022 and 134 from the first quarter of 2022.

Continue reading →

New research from identity verification company Socure looks at patterns surrounding how fraudsters construct synthetic identities to identify factors that may assist in identifying and thwarting this kind of crime.

The study shows that criminals employing synthetic identities do their best to blend them with the overall population. So in the majority of cases, synthetic identities fell into the most common demographics and consumer traits.

Continue reading →

Online advertising is big business and it inevitably follows that where there's money to be made the fraudsters and cybercriminals won't be far behind.

We spoke to Jacob Loveless, CEO of eCommerce specialist Edgemesh, to find out more about why ad fraud has become such an issue and what businesses can do to combat it.

Continue reading →

Research from GuidePoint Security shows eight new ransomware groups have emerged in the last quarter and that there has been at least one new ransomware group each month since January 2021.

The report, from the GuidePoint Research and Intelligence Team (GRIT), tracked 27 ransomware groups and 568 publicly posted victims in the third quarter of this year and shows a slight slowdown overall of ransomware activity from the previous quarter.

Continue reading →

Digital natives aged between 18-39 are the most vulnerable age group for phishing scams, according to new data from security awareness training company SoSafe.

It finds that 18-39 year-olds have an average click rate of 29 percent on phishing emails, which drops to 19 percent among older age groups.

Continue reading →

Like it or not, the global cybercrime industry has grown at a prolific rate over the last decade, making it harder than ever for organizations to keep sensitive data safe. To put the size of the issue into perspective, a recent IDC report found that around 50 percent of organizations have suffered unrecoverable data loss in the last three years. What’s more, the data also demonstrated how the pandemic turbocharged the issue, with attacks surging by an eye-watering 238 percent between February and April 2020. Simply put, the world seems to be in an extremely worrying 'golden age' of cybercrime at the moment.

As every business knows, a successful cyber-attack can have a devastating effect, potentially costing huge amounts of time and money to resolve, as well as inflicting major reputational damage, should sensitive information be taken or lost. In some cases, the organizations involved never recover.

Continue reading →