Almost as soon as email became widely used, crooks and scammers began using it as a means to defraud people. In today’s world, malicious fake emails continue to be a huge problem for individuals and businesses. Businesses make lucrative targets Losses due to BEC scams are escalating, and criminals are targeting organizations with emails that,…

High profile data breaches resulting from faulty APIs continue to make headlines. In the last few months alone, T-Mobile’s data breach resulted in hackers stealing personal data of more than two million customers while Google shutdown the consumer version of Google+, citing a bug that exposed the personal profiles of up to 500,000 users, with…

Where there’s money, there has always been crime. Traditional bank robbery and physical assaults on ATMs are still a challenge, and now a new breed of cyber-enabled theft—using ATMs as the endpoint for cash-outs— has become a multibillion-dollar problem. One recent raid saw $13.5m stolen from India’s Cosmos Bank. Although the FBI issued a warning…

Security researchers at UC San Diego and Stanford have discovered four new ways to expose Internet users’ browsing histories. These techniques could be used by hackers to learn which websites users have visited as they surf the web. The techniques fall into the category of “history sniffing” attacks, a concept dating back to the early…

Nearly two-thirds of all advanced email attacks used emails impersonating Microsoft or Amazon, according to new research by Agari. Microsoft was impersonated in 36 percent of all (brand) display name impersonation attacks in the third quarter. Amazon was the second most commonly impersonated company, used in 27 percent of these attacks. Amazon and Microsoft run…

Carbon Black released its Quarterly Incident Response Threat Report (QIRTR) aggregating key findings from IR partner investigations during the last 90 days. Key findings Destructive cyberattacks are on the rise. IR firms said that victims experienced destructive attacks 32% of the time Of 113 investigations Carbon Black partners conducted in the third quarter, 41 percent…

NSFOCUS released its H1 Cybersecurity Insights report, which analyzed traffic from January 1, 2018 to June 30, 2018. Crypto miners Since the end of March, the number of crypto mining activities has risen sharply compared to the beginning of 2018. Among all crypto miners, WannaMine was the most active, responsible for more than 70 percent…

ThousandEyes has found that 68 percent of the top 50 companies on the Global Fortune 500 rankings are not adequately prepared for the next major attack on the DNS. Additionally, researchers found similar vulnerability among 44 percent of the top 25 SaaS providers, as well as 72% of the FTSE 100 companies. “Because Digital Experience…

Despite ever increasing investments in security technologies, data breaches and cyber incidents are increasing at a relentless rate, and the problem is projected to keep getting worse. Industry research shows that attacks from ransomware, data compromise, malicious email and credential theft more than doubled to 160,000 incidents per year, with unreported incidents likely bringing the…

According to a new CrowdStrike report, the technology, professional services, and hospitality sectors were targeted most often by cyber adversaries. The actors used a variety of novel tactics, demonstrating particular creativity and perseverance in defense-evasion and credential-access TTPs such as the use of Windows Internal tool, Active Directory Explorer, for one-time credential dumping. Notable percentages…