I'm looking forward to this week in London, where Jason Tunn of the Metropolitan Police Service will walk us through a high-profile cybercrime investigation that resulted in the 2015 arrest of two British hackers with links to Russia after they attacked leading U.K. banks with the Dridex banking Trojan.
DDoS attacks apparently were directed at the small west African country of Liberia from the same botnet that struck networking services provider Dyn. Were the attacks just a test for a bigger attack to come?
The latest ISMG Security Report features a special report on potential cyber threats that could damage the integrity of the U.S. presidential election. Also, an analysis of the harm caused by Australia's largest breach of personal information.
The ransomware-as-a-service operation known as Cerber is earning at least $200,000 per month via ransoms paid by victims, says Check Point Software Technologies' Gadi Naveh. In an audio interview, he explains that bitcoins and high levels of automation are key to the operation's success.
Microsoft says a zero-day flaw in Windows that was publicly revealed by Google - before a patch was ready - was being exploited by the Russian hacking group known as ATP28 and "Fancy Bear" via spear-phishing attacks.
As investigations into the distributed denial-of-service attack on Singaporean ISP StarHub continue, experts believe that the scale of IoT infections - needed to launch attacks of such severity - and the circumstances perpetuating it are the bigger problems.
This year, the annual Black Hat Europe conference decamps from Amsterdam to London. What's in store? Everything from mobile ransomware and quantum-resistant crypto to "ego markets" and how to turn Belkin IoT devices into launch pads for DDoS attacks.
In a sign that investigators are paying more attention to disrupting stresser/booter services, script-kiddie-friendly Hack Forums recently announced that it will be shutting down its related Server Stress Testing forum.
The latest ISMG Security Report kicks off with a bit of history: Comparing the similarities between remediating the year 2000 data problem, known as Y2K, that enterprises faced at the end of the 20th century with today's initiatives to drive IT security by modernizing information systems.
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.
The online advertising industry has a malware problem that, in part, has driven increased use of ad-blocking software. It's facing a complicated task: Clean up the security problems or face possible regulation.
An evaluation of new U.S. government guidance to prevent the hacking of automotive computers and electronics leads the latest ISMG Security Report. Also, IBM takes responsibility for the impact of a DDoS attack and a preview of the ISMG Healthcare Security Summit.
On the heels of the massive DDoS attack that disrupted DNS services provided by Dyn, Singaporean ISP StarHub's DNS services were likewise targeted. The ISP has blamed customer-owned IoT devices for the attack, but it has not named the malware involved.
The malware-infected IoT army that disrupted domain name server provider Dyn was composed of, at most, 100,000 devices, the company estimates in an after-action report. But claims that the attacks peaked at 1.2 Tbps remain unconfirmed.