Security News

Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds. The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch authorities intercepted and analyzed over 115 million conversations that took place over the encrypted messaging platform between no less than 60,000 users.

Webinar It seems no longer possible to imagine whether it's just a case of if a security breach will occur within your organization, or if malicious actors will exploit a vulnerability to play havoc with your data. Rubrik Zero Labs' latest report into the state of data security doesn't sugar coat the pill, with an astonishing 99 percent of IT and security leaders having been made aware of at least one attack in 2022.

The criminals who hit one of the biggest government-backed dental care and insurance providers in the US earlier this year hung about for 10 days while they extracted info on nearly 9 million people, including kids from poverty-stricken homes. This included a huge range of data, from patients' full names, dates of birth, addresses, telephone numbers, and email addresses to their Social Security numbers, driver's license numbers or government ID numbers, and health insurance information, and in some cases even included dental X-rays.

Uncle Sam announced its commenced over 4,000 legal actions in three months - mostly harshly worded letters - to rein in "Money mules" involved in romance scams, business email compromise, and other fraudulent schemes. Money mules are the individuals who provide money transfer services - occasionally unwittingly - to launder robbery funds.

For companies today, the need to maintain and enhance levels of audit and compliance against the backdrop of an ever-worsening cyber security threat landscape has become more pressing than ever before. Security and compliance breaches can cause operational disruption, lost revenue, customer dissatisfaction, and lead to potentially catastrophic legal or regulatory actions, according to a new white paper published by compliance automation specialist Drata.

U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors. The development comes almost five months after a "Sweep" in December 2022 dismantled 48 similar services for abetting paying users to launch distributed denial-of-service attacks against targets of interest.

To address this issue, AI Spera released a new WordPress plugin called Anti-Brute Force, Login Fraud Detector, also known as Criminal IP FDS, on May 3rd. The plugin utilizes Criminal IP, an OSINT-based search engine, to provide real-time data and intelligence technology to detect and prevent fraudulent login attempts on WordPress websites comprehensively. What to expect from Criminal IP FDS plugin for WordPress.

As organizations increasingly find themselves under attack, the data discovered they are drowning in cybersecurity debt - unaddressed security vulnerabilities like unpatched software, unmanaged devices, shadow IT, and insecure network protocols that act as access points for bad actors. Outdated cybersecurity practices plague organizations.

As criminal groups increase in size, they adopt corporate-like behavior, but this shift brings about its own set of challenges and costs, according to Trend Micro. "The criminal underground is rapidly professionalizing - with groups beginning to mimic legitimate businesses that grow in complexity as their membership and revenue increases. However, larger cybercrime organizations can be harder to manage and have more 'office politics,' poor performers, and trust issues. This report highlights to investigators the importance of understanding the size of the criminal entities they're dealing with," said Jon Clay, VP of threat intelligence at Trend Micro.

The UK's Criminal Records Office has finally confirmed, after weeks of delaying issuing a statement, that online portal issues experienced since January 17 resulted from what it described as a "Cyber security incident." ACRO is the country's national law enforcement organization responsible for managing criminal record information, providing criminal records on request, and sharing those records with foreign nations.