Cybercrime News, Articles and Updates

Cross-border transactions are low-hanging fruit for attackers

The Q1 Cybercrime Report from ThreatMetrix, published today, reveals that attackers are paying particular attention to the 'cross-border' transactions of payment processors.

Combat cryptojacking - avoid insecurely configured Kubernetes clusters

Unfortunately there is a lack of knowledge and governance in many businesses around Kubernetes which in turn has created gaps in their security, but there are 3 key ways that organisations can keep their Kubernetes clusters secure.

MacUpdate hacked, cryptocurrency miner apps installed

A cyber-criminal managed to infiltrate the Mac app download site MacUpdate and install maliciously copies of the Firefox, OnyX, and Deeper applications that were in fact cryptocurrency miners.

Fake Symantec site spreads OSX.Proton password stealer

A security researcher using the Twitter handle @noarfromspace last week spotted a fake Symantec blog spreading a new variant of the OSX.Proton password stealer.

Modified video games on Russian forum tainted with WaterMiner cryptominer

A Russian hacker implanted a stealth cryptominer in his creations, including a mod of Grand Theft Auto (GTA) that was recently found on a Russian-speaking forum, available for download.

InfoSec 2017: What are Fancy Bears and why it matters, even for SMEs

SC spoke to Adam Meyers, VP of intelligence at Crowdstrike at this year's InfoSec Europe 2017 about attribution and why it could be useful even for smaller businesses.

InfoSec 2017: Dark web and economic downturns fueling insider threats

Economic hardship, availability of the dark web and the concentration of critical data in the workplace and have combined to create new opportunities for insiders.

Ukraine conflict puts cyber-security high on agenda in Eastern Europe

The military conflict in Ukraine, and the accusations of Russian hackers targeting the Kremlin's political opponents in last November's US presidential election, have put cyber-security higher on the agenda of various countries in Eastern Europe. SC correspondent Jaroslaw Adamowski reports...

Cyber Czar Giuliani's 'cyber doctrine' still unfinished

A legal framework for the US to respond to cyber-offensive operations is still hanging in Limbo as the Director of National Intelligence draws a blank on its status.

Is this the identity of Anna-Senpai, Mirai publisher and botmaster?

Investigative journalist Brian Krebs has published the findings of a massive investigation into the identity of Anna-Senpai, the mysterious publisher of the Mirai source code

French government prepares for cyber-meddling in spring elections

A number of comments by French officials have highlighted fears that foreign interference may marr April and May's presidential elections.

MongoDB kidnappers hold ElasticSearch customer databases to ransom

ElasticSearch databases are now being ransacked and their contents ransomed back to their owners in an attack that looks very similar to MongoDB's recent assault

Most cyber-criminals earn $US1K to US$3K a month, report

It's not that organised cybergangs are raking it in. It's more that a larger number of small operators are benefiting from automated services that can earn them an average of $2,000 (£1593) a month, according to a new report .

Infosec 2016: While cybercriminals cooperate, cops and businesses stumble

While cyber-criminals work together, businesses and law enforcement have a harder time doing so.

Russia's Central Bank to accelerate fight with cyber-criminals

The Bank of Russia is to double the number of staff in its FinCERT unit, a special division set up to fight cyber-crime in the credit and financial sectors.

Gyft resets some customer passwords following breach

Passwords have been reset for a number of Gyft users as a precaution after account data was reported for sale.

Five last minute retail risk mitigations for Black Friday weekend

Most corporate attacks apparently happen on a Friday, but just imagine how much of a threat is posed to retailers this coming weekend which is topped and tailed by Black Friday and Cyber Monday?

Users getting hit by Crypt0L0cker update to TorrentLocker ransomware

In this latest ransomware expect advances in how they are delivered and how they take instructions from the command-and-control server

Defence from denial of service

Kate O'Flaherty reports how distributed denial of service attacks are growing in size and scale, making it important to know what to do before, during and after an attack

RSA 2015: Keynote addresses online safety risks to increasingly connected youths

Technology can't replace the value of online safety education, the key to keeping kids out of predators' paths, panelists shared.

Revenge porn site operator sentenced to 18 years

Kevin Bollaert, 28, operated the now-infamous revenge porn sites U Got Posted and Change My Reputation

Israeli political party's website defaced, possibly as part of #OpIsrael

Days after hacktivist collective Anonymous warned Israeli companies and websites that it would begin its annual cyber-attack campaign against the country on Tuesday, one Israeli political party's website was defaced.

'NewPosThings' malware evolves, malicious traffic traced to airports

Trend Micro believes that point-of-sale malware attackers will increasingly target travellers.