Security News

Compliance automation to confound cyber criminals
2023-05-16 14:03

For companies today, the need to maintain and enhance levels of audit and compliance against the backdrop of an ever-worsening cyber security threat landscape has become more pressing than ever before. Security and compliance breaches can cause operational disruption, lost revenue, customer dissatisfaction, and lead to potentially catastrophic legal or regulatory actions, according to a new white paper published by compliance automation specialist Drata.

U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
2023-05-09 16:57

U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors. The development comes almost five months after a "Sweep" in December 2022 dismantled 48 similar services for abetting paying users to launch distributed denial-of-service attacks against targets of interest.

Criminal IP FDS: A WordPress Plugin to Block Brute Force Attacks
2023-05-09 14:01

To address this issue, AI Spera released a new WordPress plugin called Anti-Brute Force, Login Fraud Detector, also known as Criminal IP FDS, on May 3rd. The plugin utilizes Criminal IP, an OSINT-based search engine, to provide real-time data and intelligence technology to detect and prevent fraudulent login attempts on WordPress websites comprehensively. What to expect from Criminal IP FDS plugin for WordPress.

Outdated cybersecurity practices leave door open for criminals
2023-04-20 03:30

As organizations increasingly find themselves under attack, the data discovered they are drowning in cybersecurity debt - unaddressed security vulnerabilities like unpatched software, unmanaged devices, shadow IT, and insecure network protocols that act as access points for bad actors. Outdated cybersecurity practices plague organizations.

Criminal businesses adopt corporate behavior as they grow
2023-04-11 03:30

As criminal groups increase in size, they adopt corporate-like behavior, but this shift brings about its own set of challenges and costs, according to Trend Micro. "The criminal underground is rapidly professionalizing - with groups beginning to mimic legitimate businesses that grow in complexity as their membership and revenue increases. However, larger cybercrime organizations can be harder to manage and have more 'office politics,' poor performers, and trust issues. This report highlights to investigators the importance of understanding the size of the criminal entities they're dealing with," said Jon Clay, VP of threat intelligence at Trend Micro.

UK criminal records office confirms cyber incident behind portal issues
2023-04-06 19:38

The UK's Criminal Records Office has finally confirmed, after weeks of delaying issuing a statement, that online portal issues experienced since January 17 resulted from what it described as a "Cyber security incident." ACRO is the country's national law enforcement organization responsible for managing criminal record information, providing criminal records on request, and sharing those records with foreign nations.

Criminal records office yanks web portal offline amid 'cyber security incident'
2023-04-06 08:30

ACRO, the UK's criminal records office, is combing over a "Cyber security incident" that forced it to pull its customer portal offline. In an email to users this week - seen by El Reg - ACRO confirmed it has "Recently been made aware of a cyber security incident affecting the website between 17th January 2023 and 21 March 2023.".

S3 Ep128: So you want to be a cyber­criminal? [Audio + Text]
2023-03-30 19:43

DOUG. Honeypots, patches and the passing of an icon. DUCK. I know where I want it to stop, Doug!

Europol details ChatGPT’s potential for criminal abuse
2023-03-28 09:17

With the increased public interest in ChatGPT, the Europol Innovation Lab took the matter seriously and conducted a series of workshops involving subject matter experts from various departments of Europol. These workshops aimed to investigate potential ways in which large language models like ChatGPT can be exploited by criminals and how they can be utilized to aid investigators in their day-to-day tasks.

DNA testing biz vows to improve infosec after criminals break into database it forgot it had
2023-02-20 20:30

A DNA diagnostics company will pay $400,000 and tighten its security in the wake of a 2021 attack where criminals broke into its network and swiped personal data on over two million people from a nine-year-old "Legacy" database the company forgot it had. The genetic testing firm, DNA Diagnostics Center reached a settlement deal with states' attorneys general in Ohio and Pennsylvania last week, after the social security numbers of 45,000 residents of the two states was exposed, with each of the states getting $200k. DDC offers paternity testing, immigration testing, veterinary DNA testing and forensic testing.