Security News

A coordinated operation conducted by the FBI and its international law enforcement partners has resulted in disrupting business email compromise schemes in several countries. BEC actors are high-level scammers who trick employees of real companies into making payments to bank accounts under their control, pretending to be a business partner or a firm submitting a legitimate payment order.

A Russian national has been indicted by the US DOJ and added to the FBI's Cyber Most Wanted list for allegedly creating and managing a cybercrime marketplace. Igor Dekhtyarchuk, a resident of Russia, was indicted in the Eastern District of Texas for running the cybercrime marketplace that sold credit cards, access to compromised devices or accounts, and personal information.

Microsoft warns of destructive attacks by Lapsus$ cybercrime group. In a blog post published Tuesday, Microsoft provides insight into the group's tactics and techniques and offers tips on how to protect your organization from these attacks.

With not just ransomware gangs raiding network after network, but nation states consciously turning a blind eye to it, today's chief information security officers are caught in a "Perfect storm," says Cybereason CSO Sam Curry. "One of the values that we [CISOs] give an organization is to start thinking about what is that next level? What are they going to pivot to next?".

How can attackers benefit from NFTs and what measures can you take to avoid becoming a victim? Read on to find out. NFTs can be bought or traded on various dedicated marketplaces.

As Russia's invasion of Ukraine rolls through its second week, a United Nations committee has begun hearings on a proposed new cybercrime treaty Russia has been pushing. "Russia has long turned not only a blind eye to cyber criminals operating in its borders, but has openly and actively support it. It's hard to see how Russia could engage in negotiations for a legally-binding cybercrime treaty in good faith. It's harder still to see how it can negotiate at the United Nations for a treaty based on upholding state sovereignty while simultaneously invading a sovereign nation state."

Fortinet's threat intelligence from the second half of 2021 reveals an increase in the automation and speed of attacks demonstrating more advanced persistent cybercrime strategies that are more destructive and unpredictable. New and evolving attack techniques span the entire kill chain but especially in the weaponization phase, showing an evolution to a more advanced persistent cybercrime strategy that is more destructive and unpredictable.

Threat analysts expect 2022 to be the tipping point for a shift in the focus of hackers from large companies back to consumers. The trend we see now is targeting consumers who hold something valuable, and asking for small ransom payments from a larger number of victims.

Interpol cybercrime director Craig Jones set forward this idea at Acronis's #CyberFit Summit in Singapore on Thursday, dispelling the stereotype of a lone threat actor in a hoodie hunched over a keyboard in favour of an integrated criminal ecosystem. "We are now looking at a business model. Because we've evolved, the criminals have evolved as well in our digital space," said Jones.

As the number of ransomware attacks continue to rise, Blackberry has found as a part of its annual threat report that there may be a shared economy amongst cyber criminals that is growing. "This infrastructure has also incubated a criminal shared economy, with threat groups sharing and outsourcing malware allowing for attacks to happen at scale. In fact, some of the biggest cyber incidents of 2021 look to have been the result of this outsourcing."