Security News

Attacks growing increasingly sophisticated and destructive. As eCrime groups grow more powerful, these attacks have grown increasingly sophisticated and destructive - respondents reported that 82 percent of attacks now involve instances of counter incident response, and 55 percent involve island hopping, where an attacker infiltrates an organization's network to launch attacks on others within the supply chain.

HSB Cyber Suite has your business covered, adding new insurance protection and risk management services, including website security scans and computer system upgrades to help prevent future cybercrimes, HSB announced. HSB Cyber Suite provides a comprehensive collection of cyber insurance and services designed to protect small and medium-size businesses from cyber-attacks, data breaches, identity theft, cyber extortion, and misdirected payment and computer fraud.

You've probably seen the news that six Russians, allegedly employed by the Russian Main Intelligence Directorate, better known as the GRU, have been charged with cybercrimes by the US Department of Justice. The indictment of the Russian GRU hackers related to the attacks referred to collectively as "Sandworm" is an interesting development in attempts by Western governments to rein in foreign adversary attacks.

European and American officials said Thursday that they have arrested 20 people in several countries for allegedly belonging to an international ring that laundered millions of euros stolen by cybercriminals through malware schemes. The international police operation "2BaGoldMule" led by Portuguese investigators and the FBI included 14 more European countries, under the umbrella of Europol.

The FIN11 financial crime gang is shifting its tactics from phishing and credential-theft to ransomware, researchers said. According to FireEye Mandiant researchers, FIN11 is notable for its "Sheer volume of activity," known to run up to five disparate wide-scale email phishing campaigns per week.

Criminals quickly exploited the pandemic to attack vulnerable people; phishing, online scams and the spread of fake news became an ideal strategy for cybercriminals seeking to sell items they claim will prevent or cure COVID-19. The value of being able to access data of criminal communication on an encrypted network is perhaps the most effective illustration of how encrypted data can provide law enforcement with crucial leads beyond the area of cybercrime.

As we'll explain below, the curiously mangled phrase "To increase the quality and quantity of waste material" doesn't just refer to the ruined files that a ransomware attack leaves behind after they've been scrambled with a cryptographic key known only to the crooks. Even though the twisted history of ransomware groups can be hard to follow - at least, those who haven't been caught and prosecuted - it looked as right away as though the report of the gang's demise was a scam all of its own, and that they almost immediately returned with a ransomware strain known as Sodinokibi.

When attackers first gain access to the network, they will use a variety of techniques to escalate their privileges in order to gain higher level permissions and begin lateral movement. Privilege escalation is the most critical link in the attack chain as it allows an attacker to accomplish several steps, including gaining network persistence, building-in additional backdoors and, ultimately, accessing critical assets.

The Grugq has written an excellent essay on how the Russian cybercriminal gang FIN7 operates. The secret of FIN7's success is their operational art of cyber crime.

The period has seen strong transaction volume growth compared to 2019 but an overall decline in global attack volume. The EMEA region saw lower overall attack rates in comparison to most other global regions from January through June 2020.