Articles about Cybercrime

In 93 percent of cases, an external attacker can breach an organization's network perimeter and gain access to local network resources.

This is among the findings of a new study of pentesting projects from Positive Technologies, conducted among financial organizations, fuel and energy organizations, government bodies, industrial businesses, IT companies and other sectors.

Continue reading →

Ransomware is being targeted at organizations seven days a week, leaving no time for enterprises to shore up their security operations, according to a new report.

Analysis of publicly reported ransomware events by RiskRecon looks at the dates on which ransomware activated to encrypt systems, a metric that which was disclosed in 473 of the 654 events examined.

Continue reading →

Rootkits, those sneaky bits of software that lurk deep inside a system in order to give access to hackers, have been around since the late 1980s.

A new study from Positive Technologies takes a close look at how they have evolved in recent years and just how much of a threat they present.

Continue reading →

A new report from Imperva suggests that the 2021 holiday shopping season faces disruption by cybercriminals looking to create chaos and take advantage of the global supply chain crisis.

Bot attacks against retail sites have risen by 13 percent in 2021, with 57 percent of attacks recorded on eCommerce websites this year carried out by bots. In comparison, bad bots made up just 33 percent of the total attacks on websites in all other industries in 2021.

Continue reading →

New research from identity security specialist One Identity shows that 95 percent of companies report challenges managing identities.

In addition 84 percent say that the number of identities they're managing has more than doubled, which means they have too many identities and credentials to keep track of, leaving holes within their network, evidenced by only 12 percent of security professionals being fully confident they can prevent a credential-based attack.

Continue reading →

Supply chain attacks have dominated news headlines in 2021. From SolarWinds to JBS Foods, cybercriminals are actively targeting national and international supply chains, causing widespread disruption and financial impact. Attackers understand that organizations have less control over and visibility into the security controls of a supply chain -- controls that are typically limited to legal contracts rather than true and comprehensive security policies and procedures. Common cyber supply chain risks and threats include third-party access to IT systems and weak cybersecurity practices of smaller suppliers.

Now more than ever before, protecting every part of the supply chain must be a top priority for both public and private sector organizations globally. To do this effectively, it is important to remember that securing any supply chain cannot be successfully achieved through the work of only an IT department or team. While they do play a significant role, cyber supply chain risks touch upon many different areas. Therefore, a more comprehensive, shared responsibility approach is required.

Continue reading →

A new survey of more than 250 CISO reveals that more than half have been hit by ransomware in the past year, with 69 percent saying it is likely they'll be successfully attacked at least once in the next year.

Those who were successfully hit by ransomware are more inclined to pay up, with 65 percent actually doing so. However, full recovery of data occurred only 55 percent of the time. When asked about willingness to pay, 13 percent say they definitely would, but only 20 percent say they definitely wouldn’t.

Continue reading →

Stolen data on the dark web is spreading 11 times faster today than it was six years ago, according to the latest study from Bitglass.

Breach data received over 13,200 views in 2021 compared to 1,100 views in 2015 -- a 1,100 percent increase. In 2015, it took 12 days to reach 1,100 link views -- in 2021, it takes less than 24 hours to pass that milestone.

Continue reading →

People’s lives are built around patterns and routines. Their routines are structured. After a while, they even become predictable.  A change in routine, an abnormality, emphasizes the pattern itself. When we add a non-routine activity to our lives -- our actions usually indicate it will occur. For example, before a vacation we make plans, buy a ticket or book a hotel. Before we move to a new house, we usually visit the location several times, make money transfers and sign a contract.

In their study from 2010, Albert-László Barabási and his team studied the mobility patterns of anonymous cell-phone users and concluded that despite the common perception that our actions are random and unpredictable, human mobility follows surprisingly regular patterns. Their research eventually concludes that people’s movement patterns are 93 percent predictable.

Continue reading →

Millennials and members of Generation Z suffer more from cyberthreats than baby boomers do, according to a new report from the National Cyber Security Alliance and data analytics company CybSafe.

Kicking off Cybersecurity Awareness Month, the report, based on polling of 2,000 people across the US and UK, shows that 44 percent of millennials and 51 percent of Gen Zers have experienced a cyber threat while only 21 percent of baby boomers have.

Continue reading →

Activity on dark web marketplaces that trade access to compromised networks has increased dramatically in the last year with sales up 50 percent, according to a new report by the threat research team at Lumu Technologies.

Criminal gangs are diversifying their monetization vehicles to extract maximum value from their efforts. Where in the past they would have been selling credit card and bank details, now access to mail servers, networks and more is on offer. Access to remote desktop protocols is particularly attractive.

Continue reading →

The rapid shift of applications and infrastructure to the cloud creates gaps in security according to a new threat report from security platform Lacework.

This increases the opportunities for cybercriminals to steal data, take advantage of an organization's assets, and to gain illicit network access.

Continue reading →

"Cybersecurity doesn’t apply to me because my business is too small to matter", and "Cybercriminals would never bother hacking us because we don’t have valuable data or many financial assets."

If these comments sound familiar, that’s because it is unfortunately the view held by a large majority of the SMB community. Small to medium sized businesses are slowly jumping on the cybersecurity bandwagon, but must first leave this 'it would never happen to me' mentality behind.

Continue reading →

We know that cyber criminals are increasingly operating in a businesslike way and using underground marketplaces to sell services and information.

A new report from threat intelligence specialist IntSights looks at one particular aspect of this trend which is the sale of access to already compromised networks.

Continue reading →

In the last few decades, we've seen cybercrime transform from an activity perpetrated by independent lone actors into an increasingly professional business endeavor in pursuit of profit.

Cybercriminals communicate and collaborate, working together and exchanging information on the deep and dark web. But what exactly is up for sale on these underground markets and what does this tell us about threat actor behavior and motivation?

Continue reading →