Stalking, extortion, and swatting are just a sampling of the cybercrimes UK citizen Joseph James O’Connor has confessed to committing — dating back to a spectacular 2020 Twitter caper where he hijacked famous accounts, including Elon Musk’s, to defraud victims. O’Conner (aka PlugwalkJoe), 23, was extradited from Spain to New York to face charges related…

The Biden White House continued its efforts to shore up US cyber defenses by signing two bills into law, both with the goal of helping cybersecurity expertise and resources flow freely between federal agencies and down to municipalities in need of resources. The first piece of cybersecurity legislation, called the Federal Rotational Cyber Workforce Program…

In November 2020, Group-IB and INTERPOL revealed details about operation Falcon, which targeted members of a Nigerian cybercrime ring engaged in business email compromise (BEC) and phishing. The prolific gang, dubbed TMT, compromised at least 500,000 companies in more than 150 countries since at least 2017. Phishing is TMT’s main attack vector. It also remains…

The attack surface of large enterprises has grown in recent months driven by the new work conditions imposed by the COVID-19 pandemic. The threat has increased in many areas including servers that are directly accessible from the internet, domain names, websites, web forms, certificates, third-party applications and components or mobile apps. While some of those…

Helping healthcare combat cyber attackers

Hospitals and other healthcare organizations around the globe are under immense pressure as they test and care for patients with COVID-19. They are also under siege by cyber attackers. This month, Interpol released a warning to hospitals and other medical organizations saying they are seeing increasing targeted ransomware attacks aimed at these entities. While cybersecurity…

Threat modeling explained: A process for anticipating cyber attacks

Threat modeling definition Threat modeling is a structured process through which IT pros can identify potential security threats and vulnerabilities, quantify the seriousness of each, and prioritize techniques to mitigate attack and protect IT resources. This broad definition may just sound like the job description of a cybersecurity professional, but the important thing about a…