Cyber Crime News, Articles and Updates

There's a lot we can learn from 2017's 'big four' breaches

The four main breaches of 2017 had various things in common. No matter how sophisticated the attack, they could all have been avoided. Whether due to a lack of interest, focus, urgency or all three, bad decisions were the key culprit.

Cyber-attacks one of the biggest threats to the world in 2018 says WEF

Cyber-crime joins environmental disasters, large-scale involuntary migration and illicit trade as one of the most notable risks in the world this year, according to the latest Global Risks Report just brought out by WEF.

KillaMuvz pleads guilty to being a sophisticated malware operator

The UK creator of malware resources Cryptex and reFUD.me, used by thousands in the cyber-crime world, has this week pleaded guilty to charges under the Computer Misuse Act and Proceeds of Crime Act.

PCI DSS 2018: What does the future hold?

The vision is that Card Not Present transactions will be increasingly deflected onto other payment channels, completely bypassing the use of card numbers at the website/call centre.

More than half of Danish shipping companies hit by cyber-crime

A survey by the shipping association of the CEO panel comprising of 26 senior executives revealed that the majority of Danish shipping companies - 69 percent - had been hit by cyber-crime according to a report in SMN.

Hackers could get certificates for domains they don't own

Certificate authority Let's Encrypt has disabled TLS-SNI-01 validation on its service. Through the vulnerability, a hacker could have requested certificates for domains that were not theirs.

What does the future hold for cyber-crime?

With more devices able to connect directly to the web, the IOT s continuously expanding. However, cans of worms are waiting to be opened, including data loss, data manipulation and unauthorised access to devices.

How organisations can thrive in the time of phishing attacks

Phishing, smishing and other types of malware are not going anywhere and the risks are only going to rise as mobile becomes a primary device for employees. Companies need to get ahead of the issue rather than responding.

Android banking trojan targets more than 232 apps

Security researchers have found a new strain of malware targeting banking apps on Android devices.

The Paradise Papers - a breach perspective

Leaking of the Paradise Papers raises several questions, as it should for all organisations, including Appleby itself, about how you manage, control and report on access to your sensitive data.

Why are cyber-criminals dumping Bitcoin?

Cyber-crime players are not stupid, which is probably why they are dumping Bitcoin and going with the smart(er) money...

SWIFT framework took effect 1 January

After a bevy of cyber-heists in 2017 - one at Bangladesh Bank that raked in US$ 80 million (£59 million) for the modern day bankrobber, the SWIFT Customer Security Controls Framework went into effect 1 January, 2018.

Intelligent defence in the era of global distributed cyber-crime

In the fight against cyber-crime, automation and centralisation enable vulnerability management and incident response teams to dedicate even more resources to acting on intelligence rather than gathering and analysing it.

Retailers need to identify and block threats to online shoppers

To prevent fraud, online retailers need to widen their cyber-security perimeters to encompass virtual geographies such as the deep web and social networking sites to identify and block fraud threats before they are executed.

Three critical steps businesses can take today to defend their networks against IoTroop

Unlike Mirai, the IoTroop bot exploits nine core vulnerabilities as it spreads, and already, experts say those responsible for the bot - who remain unknown - have added more than 100 features to it.

Chief data officers crucial to future-proof businesses & win public trust

Dr Jamie Graves at ZoneFox explains why Chief Data Officers are crucial for future-proofing businesses and winning back the public's trust.

The arms race escalates: cyber-security predictions for 2018

For every business opportunity that our hyper-connected world is creating, that same hyper-connectivity creates criminal opportunity for cyber-attackers.

Predictions A - Z for 2018 - Dystopian or Utopian dawn?

Happy New Year! SC Media UK resumes news reporting on 2 Jan 2018. During the break, catch up on our experts' predictions for a range of positive and negative futures, from the impacts of AI to likely new Zero days.

Microsoft bug CVE-2017-11882 exploited to deliver Loki information stealer

Attackers continue to exploit a recently patched remote code execution vulnerability in the Microsoft Equation Editor component of Microsoft Office, using the bug to deliver a modified version of Loki information-stealing malware.

Free software downloads infecting users with NiceHash cryptominer

Adversaries are using the lure of free online software downloads to infect unknowing victims with a customised version of cryptocurrency mining software from the NiceHash marketplace.

Romanian police arrest five for spreading Cerber, CTB-Locker ransomware

Romanian law enforcement arrested a gang of five men who operated a ransomware distribution organisation that spread Cerber and CTB-Locker.

Hex-Men Trio using compromised SQL servers to conduct mining, DDoS attacks

A series of cyber-campaigns, jointly known as the Hex-Men Trio, that specifically target SQL Servers in order to use them to conduct additional attacks has been identified by Guardicore Labs.

Protecting your business from the scourge of ransomware

Cyber-criminals infect devices, block access and then demand money. Unfortunately, there is no silver bullet to combat ransomware. However, there are steps that can be taken to minimise risk and stop the spread of infection.

A deep dive into ransomware -it's about to get serious

Ransomware is a growing threat & continues to offer criminals a high return on investment. But many ransomware attacks are still under-resourced and designed by low-skilled operators - what happens when this changes?

New polymorphic malware evades three quarters of AV scanners

Emotet offensive sees malware continually repackaging itself to avoid signature-based detection

The three key trends compromising credentials and allowing criminal access

One of the best ways for organisations to lock down data and ensure their "crown jewels" can only be accessed by those necessary is by implementing a privileged account strategy says Lavi Lazarovitz.

The biggest challenges for businesses securing their payments

Overcoming the top five challenges businesses experience when securing their payments: Protecting data in-transit; Failing to test and audit systems; Managing chargebacks; Authenticating transactions; Physical security of data.

Are we too busy with pancakes to get serious about ransomware?

Application Whitelisting ends the weak spot for Zero-Day malware in AV, but false positives may make passive process/service monitoring with alerting a better compromise between prioritising business operations over protection.

Security flaw puts 10 million banking app users at risk

Vulnerability could enable hackers to carry out MitM attacks on bank apps - 10 million users at risk

Action Fraud launches 24/7 helpline to combat cyber attacks

Action Fraud, the UK's national fraud and cyber-crime reporting centre, has launched a 24/7 live cyber-attack helpline. During its pilot since October 2016, Action Fraud's 24/7 cyber-helpline received 377 reports.