Cybercrime

Sextortion scammers getting creative - We’ve covered sextortion before, focusing in on how the core of the threat is an exercise in trust. The threat actor behind the campaign will use whatever information available on the target that causes them to trust that the threat actor does indeed have incriminating information on them. (They don’t.) But as public awareness of...

Cybercrime | Social engineering

Sextortion scammers getting creative

November 26, 2019 - We’ve covered sextortion before, focusing in on how the core of the threat is an exercise in trust. The threat actor behind the campaign will use whatever information available on the target that causes them to trust that the threat actor does indeed have incriminating information on them. (They don’t.) But as public awareness of...

Read more
IoT bills and guidelines: a global response - IoT laws and guidelines abound, as we take a look what's happening around the world in the name of securing Internet-connected devices.

IoT | Privacy

IoT bills and guidelines: a global response

November 22, 2019 - IoT laws and guidelines abound, as we take a look what's happening around the world in the name of securing Internet-connected devices.

Read more
Mobile Menace Monday: Dark Android Q rises - The Android Q operating system is being developed with privacy and security in mind. We take a look at both, examining new features intended for giving users better control of their devices and data.

Mobile | Mobile Menace Monday

Mobile Menace Monday: Dark Android Q rises

July 29, 2019 - The Android Q operating system is being developed with privacy and security in mind. We take a look at both, examining new features intended for giving users better control of their devices and data.

Read more
No man’s land: How a Magecart group is running a web skimming operation from a war zone - We take a look into a Magecart group's web skimming activities, which are relying on a bulletproof-friendly host in battle-scarred Luhansk, Ukraine to provide cover for their activities, safe from the reach of law enforcement and the security community.

Cybercrime

No man’s land: How a Magecart group is running a web skimming operation from a war zone

July 18, 2019 - We take a look into a Magecart group's web skimming activities, which are relying on a bulletproof-friendly host in battle-scarred Luhansk, Ukraine to provide cover for their activities, safe from the reach of law enforcement and the security community.

Read more
Governments increasingly eye social media meltdown - It seems problems never quite go away for social media platforms, and more governments of the world are taking keen interest. Will the tech giants be able to sort things out before legislators steps into the fray?

Cybercrime | Privacy

Governments increasingly eye social media meltdown

May 22, 2019 - It seems problems never quite go away for social media platforms, and more governments of the world are taking keen interest. Will the tech giants be able to sort things out before legislators steps into the fray?

Read more
Skimmer acts as payment service provider via rogue iframe - Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something's not right when they are redirected to the real (and external) payment form.

Cybercrime | Malware

Skimmer acts as payment service provider via rogue iframe

May 21, 2019 - Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something's not right when they are redirected to the real (and external) payment form.

Read more
Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability - This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Cybercrime | Exploits

Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability

May 15, 2019 - This month marks two years since the infamous WannaCry attack. Now a Remote Desktop Protocol (RDP) vulnerability has been discovered that could be used in a similar large-scale attack—though Microsoft has released a patch. Have you updated yet?

Read more
WhatsApp fix goes live after targeted attack on human rights lawyer - A fix was rolled out for a WhatsApp vulnerability, which was used to inject spyware into mobile devices and target a human rights lawyer.

Cybercrime | Mobile

WhatsApp fix goes live after targeted attack on human rights lawyer

May 14, 2019 - A fix was rolled out for a WhatsApp vulnerability, which was used to inject spyware into mobile devices and target a human rights lawyer.

Read more
Cryptojacking in the post-Coinhive era - Cryptojacking captured everyone's attention in 2017 and 2018. With Coinhive no longer in business, has this threat been completely snuffed out?

Cybercrime

Cryptojacking in the post-Coinhive era

May 2, 2019 - Cryptojacking captured everyone's attention in 2017 and 2018. With Coinhive no longer in business, has this threat been completely snuffed out?

Read more

Select your language