Latest

Cybercrime

Malicious Tor Bowser Fleeces Darknet Users of Bitcoins

Akshaya Asokan  •  October 18, 2019

ESET researchers have uncovered a new cybercriminal scheme that uses a trojanized version of the Tor Browser for stealing bitcoins from darknet users. So far, the scam has netted about $40,000 in virtual currency so far, the security firm says.

Cybercrime

Sodinokibi Ransomware Gang Appears to Be Making a Killing

Mathew J. Schwartz  •  October 18, 2019

Sodinokibi/REvil appears to be making millions since it seized the ransomware-as-a-service mantle from GandCrab earlier this year. Security firm McAfee says up to 40 percent of every victim's ransom payment - average: $4,000 - gets remitted to the Sodinokibi actor, with "affiliates" keeping the rest.

General Data Protection Regulation (GDPR)

Fresh Privacy Legislation Would Jail CEOs for Violations

Suparna Goswami  •  October 18, 2019

New legislation introduced by Sen. Ron Wyden, D-Ore., would "bring meaningful punishments for companies that violate people's data privacy, including larger fines and potential jail time for CEOs," he says. But can Congress agree on a privacy law?

Fraud Management & Cybercrime

Russia-Linked Cyber Espionage Group APT29 Remains Active

Apurva Venkat  •  October 18, 2019

While the Russian-linked hacking group known as The Dukes, Cozy Bear and APT29 in recent years appeared to have gone somewhat quiet, researchers from ESET report that the hackers have been targeting various European embassies and ministries as part of what the security firm dubs "Operation Ghost."

Cybercrime

Darknet Markets: As Police Crack Down, Cybercriminals Adapt

Nick Holland  •  October 18, 2019

The latest edition of the ISMG Security Report discusses the shutdown of DeepDotWeb. Plus, dealing with breach fatigue and the Pitney Bowes ransomware attack.

Cybercrime

Cybercrime Tool Prices Continue to Rise on Darknet Sites

Akshaya Asokan  •  October 17, 2019

The prices for specific types of cybercriminal tools on darknet sites continue to rise, according to a recent analysis by security firm Flashpoint. Payment card and passport data remain the most sought-after commodities on these forums, research shows.

Cybercrime

Phorpiex Botnet Behind Large-Scale 'Sextortion' Campaign

Apurva Venkat  •  October 17, 2019

Scammers are using the notorious Phorpiex botnet as part of an ongoing "sextortion" scheme, according to Check Point researchers. At one point, the botnet was sending out over 30,000 spam emails an hour and the attackers made about $110,000 in five months, researchers say.

Critical Infrastructure Security

Open Cybersecurity Alliance: In Pursuit of Interoperability

Geetha Nandikotkur  •  October 17, 2019

Eighteen technology companies have formed the Open Cybersecurity Alliance to foster the development of open source tools to improve interoperability and data sharing between cybersecurity applications. But some observers say getting all players to agree on a common platform will be challenging.

Fraud Management & Cybercrime

Domain 'Typosquatting' Hits 2020 US Elections

Jeffrey Burt  •  October 17, 2019

At least 550 fraudulent domains have been aimed at users who accidentally mistype the URL for a political candidate or election-related group, warn researchers at Digital Shadows. While many of these "typosquatting" domains appear to be relatively harmless, some could be more nefarious.

Application Security

How 'Zero Trust' Better Secures Applications and Access

Jeremy Kirk  •  October 17, 2019

Organizations are accepting that the network perimeter no longer serves as the "ultimate defense" and thus adapting zero-trust principles, including least privilege, based on the understanding that they may already have been compromised, says Darran Rolls of SailPoint.

Business Continuity Management / Disaster Recovery

Ransomware Attacks: STOP, Dharma, Phobos Dominate

Mathew J. Schwartz  •  October 16, 2019

Ransomware is once again the most common illicit profit-making tool in online attackers' arsenal, police warn. Security firm Emsisoft says the most-seen strains in recent months include STOP, Dharma .cezar, Phobos, GlobeImposter 2.0 and Sodinokibi. Less widely seen Ryuk also continues to generate big profits.

Blockchain & Cryptocurrency

'Graboid' Cryptojacking Worm Spreads Through Containers

Jeffrey Burt  •  October 16, 2019

Attackers are using Docker containers to spread a cryptojacking worm in a campaign dubbed "Graboid," according to researchers at Palo Alto Network's Unit 42 threat research unit. Although the researchers describe the campaign as "relatively inept," they says it has the potential to become much more dangerous.