Cybercriminals have shifted their focus from individuals and smaller businesses to target governments, critical health infrastructure and major corporations to maximize their profits and disruption during the COVID-19 pandemic, a new Interpol report warns.
The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight.
The 2020 Vulnerability and Threat Trends Report Mid-Year Update
shows how criminals have taken advantage of the disruption caused
by the pandemic. While organizations were vulnerable and distracted,
hackers developed new ransomware samples and advanced existing
tools to attack critical infrastructure - including...
The modern office is a no longer relevant as a result of the work-from-home surge, says Nathan Howe of Zscaler, who discusses the implications for data security.
In an interview with Nick Holland of Information Security Media Group, Howe discusses:
The demise of the office as we know it;
Why "zero trust" will be...
If the first rule of combating attempted election interference by nation-states is to watch for when it's happening, where does that leave Britain? A scathing report from Parliament's Intelligence and Security Committee concludes that national security was likely trumped by Russian money.
Following Twitter's admission that cryptocurrency scammers socially engineered its employees to gain control of 45 high-profile accounts, one reaction has been: Why didn't anyone crack Twitter sooner? Unfortunately, the answer is that they have, especially if you count nation-states bribing insiders.
Creating a cyber intelligence strategy involves operational and tactical measures as well as technical approaches, says Jeff Bardin, chief intelligence officer at Treadstone 71.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
Did a private cybersecurity firm's report into the "Fxmsp" hacking operation that deduced the identity of the group's alleged leader disrupt a U.S. law enforcement investigation?
The operators behind an updated version of the FakeSpy malware are targeting Android devices using SMS phishing messages to spread the info stealer, according to Cybereason. The messages are designed to appear to come from postal and delivery services.
Is the Fxmsp hacking operation still in business? Experts say Fxmsp earned $1.5 million in illicit profits, thanks to a botnet-based business model that enabled the group to sell remote access to hacked networks. But then it advertised source code allegedly stolen from three anti-virus vendors.
How long does it take to become a reliable, trusted seller in the cybercrime-as-a-service ecosystem? For the Fxmsp hacking collective, experts say the answer is about a year. The group built a botnet that facilitated network intrusions and data exfiltration, but it was driven off cybercrime forums.
Keeping up with advanced threats can be daunting - until we consider what it takes to defend against them. Not all threats are created equal - however, not all defenses are created equal either.
This survey from SANS Institute, in partnership with IBM, uncovers how large, mature organizations deal with advanced...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.
