Category Archives: Cybercrime and Cyber Attacks

Delving into the World of Business Email Compromise (BEC)

Business Email Compromise (BEC) attacks have expanded tremendously over the past few years, with a projected growth of over $9 billion in 2018. The combination of simplicity and effectiveness have ensured that BEC will continue to be one of the most popular attacks, especially for those who lack special tools and knowledge to pull off more complicated schemes. Continue reading

Why Stand-Alone IDPS Matters More Than Ever, and the 2018 Gartner Magic Quadrant

First, What is IDPS and Why Do We Care? 

Intrusion Prevention Systems (IPS) emerged as an improvement on Intrusion Detection Systems (IDS).  IDS are out-of-band collectors of network traffic that analyze the information and provide alerts.  Continue reading

Security Round-up: Five Things We’ve Learned in 2017

The past 12 months have been packed with geopolitical incident, global malware threats and ubiquitous big-name data breaches. From the CIA Vault7 and NSA Shadow Brokers leaks at the start of the year, to the WannaCry and NotPetya ‘ransomware’ campaigns, and Uber’s shock revelations just last month, there’s been plenty for CISOs to ruminate on. But now the year is nearly at an end, it might be useful to recap some of the biggest themes of 2017 — with an eye on fortifying systems for the 12 months to come. Continue reading

12 Threats of Christmas

There’s an old English Christmas carol “The 12 Days of Christmas”, a cumulative song about 12 gifts that keep getting ‘grander’. As our Christmas gift to you, we wanted to list the top threats to be aware of heading into 2018, from least to most pressing. Let’s look at the vulnerabilities and potential points of attack to take into account for next year’s priorities: Continue reading

Pacemaker security risks: the ‘heart of the matter’ brought by RTL … and explained by Trend Micro

The problem is not new to security specialists, but it gradually sinks in with the rest of the world as well: the more pacemakers are connected to the internet for any form of communication, the more security risks arise. Following a recall action by pacemaker manufacturer Abbott, thousands of Belgians had to come to the hospital to have their device upgraded, on order to shield it from possible hacking events. Continue reading

From GDPR to Game of Thrones: ‘winter is coming’ for security officers?

Astonishing results in our GDPR survey among top managers in Europe and the United States: most managers excel at foolhardiness and ignorance. Equally astonishing news last summer for Game of Thrones fans: the plot of the season 7 finale was leaked online weeks before the tv broadcast. If you think these two facts are unrelated, think again! Continue reading

When Phishing Starts from the Inside

A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials of the user. Internal phishing emails are used in both targeted attacks, where the aim is to steal information or commit extortion, and common with Business Email Compromise (BEC) schemes designed to steal money. Because the sender is an internal and trusted user, the recipient is more likely to take action on the email. Continue reading

What can the Dark Web teach us about security?

Ever since the law enforcement takedown of the Silk Road underground marketplace in 2013, there has been increasing interest in the depth and breadth of the Dark Web. This portion of the internet has been largely shrouded from the public eye. But it represents an environment in which hackers can converse or share malicious code and strategies. And make a profit from the information stolen during the ever-increasing cyber attacks taking place.

Continue reading

Digital Voice Assistants: New Front in War on IoT Hackers

As the Internet of Things (IoT) permeates further into our lives, the potential for hackers to line their pockets or disrupt  critical infrastructure moves increasingly from theory to practice. For those IT and business leaders looking for more guidance, check out our CLOUDSEC conference next week, 5 September. Continue reading