Digital Shadows released its quarterly research report focusing on the latest trends in ransomware. Unfortunately, for vulnerable organizations everywhere, Digital Shadows Photon Research team found that ransomware as a market and community on the dark web has expanded since Q2.
Attacks within digital communications channels (like Slack, TEAMS, Twitter, Facebook, LinkedIn) have grown more targeted, more social engineering-focused, and the payloads have become "softer,” and the risks are not in files and links/IP's alone anymore. Instead, recent attacks are laser-targeted and evade traditional detection by focusing on human connections. To find out more about these “soft attacks,” we talk to Otavio Freire, CTO, President & Co-Founder SafeGuard Cyber.
Norway has blamed Russia for the August cyberattack that targeted the email system of the country's parliament. "Based on the information the government has, it is our view that Russia is responsible for these activities," Foreign Minister Ine Eriksen Soreide said in a statement, the Moscow Times reports.
A security researcher published a blog outlining the details of common misconfigurations in Salesforce that can result in guest users, or hackers leveraging guest user access, gaining access to sensitive data in Salesforce.
Survey data acquired by Finbold.com indicates that about 68% of hackers initiate attacks in order to be challenged. The survey featured over 3,150 respondents from at least 120 countries and territories.
Recently, broader social dynamics, related to gender and nationality, in particular, are shaping the activity of cybercriminal forums. Digital Shadows explored this trend in a new analysis blog, "Unpicking Cybercriminals’ Personalities - Part 1: Gender and Nationality," that looks at how the dynamics of gender and nationality play out in cybercriminal forums and how it’s shaping cybercrime trends as a result.
Researchers find traditional threshold-based attack detection is no longer reliable with new bit-and-piece changes
September 25, 2020
Attackers shifted tactics in Q2 2020, with a 570% increase in bit-and-piece DDoS attacks compared to the same period last year, according to the new Nexusguard Q2 2020 Threat Report. Perpetrators used bit-and-piece attacks to launch various amplification and elaborate UDP-based attacks to flood target networks with traffic.
Digital Shadows has analyzed the cybercriminal marketplace landscape following the Empire Market exit scam. The company’s research has identified a number of currently available dark web marketplaces popular within the cybercriminal community. Noting the impact of the closure of Empire Market, some marketplaces, such as Icarus Market, have seen a major spike in listings, from 25,000 to 35,000 in the last month.
As much of the world continues to hunker down at home in response to COVID-19, threat actors continue to find ways of exploiting the crisis to gather sensitive and valuable information from individuals. But while we’re busy making sure that our primary computers and cloud-based accounts are locked down, it’s often the devices we least suspect – our smartphones – that provide the opening that hackers need. The 2018 hacking of Jeff Bezos’s iPhone X, perhaps the most famous example of smartphone hacking, provides an important reminder that these most personal of devices should be used with appropriate caution, especially in this time of upheaval.
This month in Security magazine, we explore how Corning's global security group ensured business continuity and employee safety during the global COVID-19 pandemic. Also, we highlight the global security team at Uber and their recent security programs and initiatives. Industry experts discuss travel safety programs, career hackers, working for terrible bosses, group attribution error and more.