Security News

An alert issued Monday by the Cybersecurity and Infrastructure Security Agency and the FBI urged organizations to be on guard for ransomware attacks that take advantage of worker downtime during Thanksgiving. Launching cyberattacks during a holiday or even a weekend is hardly a new strategy for criminals.

The research found that fraud fighters - professionals tasked with investigating and prosecuting insurance fraud - in North America were the least prepared for threats from abroad. "Organized rings, both foreign and domestic, are stealing billions," Coalition Co-Chair David Rioux of Erie Insurance said. Globalized insurance fraud is not a priority at all for 27.7% of respondents and a low-to-medium priority for 57.5% of respondents, leading to a lack of resources and time invested in day-to-day operations fighting global insurance fraud.

This year saw multiple examples of advanced persistent threats under the spotlight, allowing us to predict what threats might lead the future. Advanced persistent threats, which focus on cyberespionage goals, are a constant threat to companies, governments and freedom activists, to name a few.

Learn how to build a resilient disaster response plan Webinar You can’t predict when a disaster will strike your organisation, whether it’s extreme weather, workplace violence, or a cyber attack.…

While the volume of malicious apps targeting mobile devices is not as high as those plaguing desktops, these apps are common-especially those targeting the Android platform. The unwanted mobile apps we see most often include adware, which monetizes itself by displaying advertising on a device.

71% of VPs and CIOs believe that the high number of cybersecurity tools they use negatively impacts their organization's ability to detect and prevent threats, a Perimeter 81 report reveals. The research evaluated responses from 500 IT professionals at companies with 50 or more employees in the US. It covers new trends in the workforce due to COVID-19, how those changes have affected cybersecurity, and their impact on IT professionals.

Britain's National Cyber Security Centre is prepared to share its cyber defence tech and threat intel feeds with British organisations in need of extra help, it said at the launch of its annual review today. You probably don't want the country's DNS being run by GCHQ! Chief techie Ian Levy highlighted the NCSC's Protective DNS service to The Register as one example of good things the cyber defence organisation has done, with the custom DNS resolver service being used by 1,000 NHS supply chain firms to prevent their devices visiting known malicious web domains.

While mostly hidden in private conversations, details sometimes emerge about the parallel economy of vulnerability exploits on underground forums, revealing just how fat of a wallet some threat actors have. If it takes too long, developers may lose the chance to make big money because competitors may come up with an exploit variant, dragging down the price.

The latest organized crime threat assessment from Europol issues a dire warning about the corrosive effect the rising influence of criminal syndicates is having on both the economy and society of the European Union. "The online environment and online trade provide criminals access to expertise and sophisticated tools enabling criminal activities," The Europol Threat Assessment said.

Out of over a thousand top-level domain choices, cyber-criminals and threat actors prefer a small set of 25, which accounts for 90% of all malicious sites. "First, we only study domains categorized by the Advanced URL Filtering service, and we only consider registered domains. Additionally, we validate whether domains existed the past one year by checking zone files and passive DNS, and by issuing active DNS queries. We do not consider domains that we categorize as parked, insufficient content or unknown for our calculations," explains the research by Palo Alto Networks Unit42.