Security News

At the same time as they have stepped into the breaches opened up by an increasingly diffused and corporate workforce, the bad guys have taken advantage of an almost universal thirst for information and reassurance with ever more creative spear phishing and whaling attacks. By thinking like them before you start to fight back, which is what we'll be showing you how to do in our webcast "How I'd Attack You", on November 18 at 0900 PT. The Register's own one-man attack surface Tim Phillips will be joined by Dan Fein and Mariana Pereira of cyber defence specialists Darktrace.

Hackers are looking to cash in on the top shopping days in the U.S. - Black Friday and Cyber Monday - as well as other events, like Singles' Day, which recently occurred this week in China. Last year, researchers said that social-media scams and domain-impersonation scams were some of the biggest types of attacks during the holiday shopping season.

"For over a decade, Brovko participated in a scheme to gain access to Americans' personal and financial information, causing more than $100 million in intended loss," said Acting Assistant Attorney General Brian C. Rabbitt of the Justice Department's Criminal Division, in a statement issued Monday. In October, a new variant of the InterPlanetary Storm botnet was discovered, which comes with fresh detection-evasion tactics and now targets Mac and Android devices.

With the U.S. presidential elections a mere few weeks away, the security industry is hyper-aware of security vulnerabilities in election infrastructure, cyberattacks against campaign staffers and ongoing disinformation campaigns. The good news, Olney, said in a recent video interview with Threatpost, is that awareness of election-security threats has increased since the 2016 elections.

The exact process for blocklisting a domain is often opaque, but it's a gradual process involving a measurable reputation for each domain that changes over time. A company afraid of trademark infringement might want to register a domain with every conceivable variation on its name to stop phishers from targeting its customers.

Hackers have stolen nearly a terabyte of data from a Miami-based tech firm, leaking a number of the pilfered files on a Russian hacker forum. A Russian-language note left along with the leaked data alludes to the hackers waiting to see if the company will pay up before releasing the rest of the data, which likely will be more full credit-card information, a treasure trove for hackers, according to the report.

Vectra released its report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in Office 365 services in their attacks.

Prizes for bad actors can be access to stolen data and tools to make hacks easier, according to new research from Trend Micro. Cybercriminals have put their own spin on passing time with online rap battles, poker tournaments, poem contests, and In-person sport tournaments.

Microsoft reported this week that it has spotted Zerologon attacks apparently conducted by TA505, a notorious Russia-linked cybercrime group. According to Microsoft, the Zerologon attacks it has observed involve fake software updates that connect to command and control infrastructure known to be associated with TA505, which the company tracks as CHIMBORAZO. The fake updates are designed to bypass the user account control security feature in Windows and they abuse the Windows Script Host tool to execute malicious scripts.

Cybercriminals have planted a payment card skimmer on the websites of several organizations using the Playback Now conference platform, Malwarebytes reported on Thursday. The customer websites hosted on it - customers receive a dedicated website which they can use to serve their content - had been injected with a payment card skimmer that allowed the attackers to steal the financial information of users purchasing conference materials from those sites.