Security News

A honeypot created by Cybereason to lure cybercriminals and analyze their methods showed that ransomware attacks infiltrate their victims in multiple stages. Using a honeypot, researchers at security firm Cybereason were able to attract multiple criminals using ransomware and follow each stage of an attack.

As a result, the FBI said it expects cybercriminals to target banking customers with fake banking apps and app-based banking trojans. Phony bank apps spoof the actual apps of major banks to trick users into entering their account credentials.

Malicious files masquerading as curriculum vitae are being sent to businesses to install malware that can capture passwords and other sensitive information, says Check Point Research. In a new malware campaign spotted by cyber threat intelligence provider Check Point Research, attackers spoof job seekers by sending out emails with file attachments that claim to be curriculum vitae.

Cybercriminals exposed over 5 billion records in 2019, costing over $1.2 trillion to U.S. organizations, according to ForgeRock. Coupled with breaches in 2018 costing over $654 billion, breaches over the last two years have cost U.S. organizations over $1.8 trillion.

In the first five months of 2020, cryptocurrency crimes have totaled $1.4 billion, indicating that the year 2020 could see the second-highest value in cryptocurrency crimes, outside 2019's whopping $4.5 billion, a CipherTrace report found. The Spring 2020 Cryptocurrency Anti-Money Laundering and Crime report assessed the different tactics cybercriminals are using to commit cryptocurrency offenses.

Sometimes hackers are given more leeway based on why they hack. In a blog post published Thursday, Check Point detailed the exploits of a hacker self-dubbed "VandaTheGod," describing how this person turned from hacktivist to cybercriminal before being identified and reported to law enforcement.

The move to remote working spurred by the coronavirus pandemic has triggered a surge in the use of cloud services. Based on cloud-usage data from 30 million McAfee MVISION cloud users between January and April 2020, the security provider found a 50% increase overall in the use of cloud services.

The hackers have now turned to Dark Web auction houses instead. "Putting the data out there for free to do extortion or to leverage the extortion isn't effective because now the police are involved, the FBI is involved, the Secret Service is involved because Trump was mentioned. They then turned to this auction house called Jokerbuzz," Turnage said. Because of DarkOwl's work offering access to the world's largest dataset of Dark Net and deep web content, the company's researchers have seen the files related to Lady Gaga, Sherwood, and the initial documents related to President Trump.

There has been an exponential growth in phishing and website scams in Q1 2020, according to a Bolster analysis of over 1 billion websites. Of the total number of confirmed phishing and counterfeit pages, 30% were related to COVID-19 - that is over a quarter of a million confirmed malicious websites.

Cybercriminals have been busy devising email campaigns that take advantage of the coronavirus outbreak. In a blog post published Monday, Lastline said that it's detected a variety of threats centered around COVID-19, and many of these threats are infostealers.