Latest

Business Continuity Management / Disaster Recovery

Ransomware Operations Double Down on Data Leak Sites

Mathew J. Schwartz  •  December 3, 2021

Many ransomware-wielding attackers continue to rely on initial access brokers to easily gain deep access to victims' systems, allowing them to steal data and attempt to pressure victims into paying via data leak sites. Researchers say that the number of victims being listed on such sites has surged.

Business Continuity Management / Disaster Recovery

FBI Seizes Bitcoins From Alleged REvil Ransomware Affiliate

Mathew J. Schwartz  •  December 1, 2021

The FBI has seized 39.9 bitcoins worth $2.3 million from an alleged affiliate of the notorious REvil - aka Sodinokibi - ransomware group. A forfeiture notice filed by the government accuses Russian national Aleksandr Sikerin of having amassed the cryptocurrency via victims' ransom payments.

Blockchain & Cryptocurrency

Cryptocrimes Proliferate: Ransomware, New Threat Campaigns

Prajeet Nair  •  November 24, 2021

Cryptocurrency exchange BTC-Alpha faces a ransomware attack; Morphisec researchers investigate malware that targets cryptocurrency, NFT communities on Discord; and RiskIQ researchers uncover fresh Aggah campaign that deploys clipboard hijacking code to swap a victim's cryptocurrency address.

Blockchain & Cryptocurrency

Youth in $37 Million Crypto Heist; BitConnect Ponzi Payout

Prajeet Nair  •  November 20, 2021

A Canadian teenager is under arrest after allegedly stealing C$46 million ($37 million) in the latest cryptocurrency SIM swap scam. Meanwhile in the U.S., the Department of Justice is going to sell off $57 million worth of cryptocurrency seized from the BitConnect Ponzi scheme.

Account Takeover Fraud

SharkBot Trojan Targets Bank and Cryptocurrency Credentials

Mihir Bagwe  •  November 18, 2021

A newly identified banking Trojan dubbed SharkBot is now targeting banking and cryptocurrency exchange customers across the U.K., Italy and the U.S. through a sideloading campaign and/or a social engineering campaign.

Anti-Money Laundering (AML)

Money Laundering Cryptomixer Services Market to Criminals

Mathew J. Schwartz  •  November 16, 2021

Cryptocurrency-using criminals continue to rely on services designed to launder their virtual currency to give them "clean coins" that are tougher for law enforcement to trace. Experts say such services are widely marketed on cybercrime forums, and sometimes provided directly to ransomware groups' affiliates.

Blockchain & Cryptocurrency

A Security Strategy for the Blockchain

Steve King  •  November 16, 2021

Ari Redbord of TRM Labs, who has had an extensive career in law enforcement, points out that 2020 was a pivotal year for putting cybersecurity on the agenda throughout the government. He discusses securing cryptocurrecy, the blockchain and other elements of the "digital battlefield."

CISO Trainings

Tips for Surviving Big Game Ransomware Attacks

Corey Nachreiner  •  November 16, 2021

Why has the cybercriminal underground put so much effort toward the professionalization of ransomware? Simply put, they are making tons of money from it.

3rd Party Risk Management

US, Israel Expand Cyber Partnership, Announce Task Force

Dan Gunderman  •  November 15, 2021

The U.S. and Israel will expand their diplomatic relationship around cybersecurity, announcing a bilateral task force this week that will support cybersecurity and fintech innovation. The news follows recent action by the U.S. Department of Commerce to blacklist Israeli spyware firm NSO Group.

3rd Party Risk Management

Pace of Cybercrime Evolution Is Accelerating, Europol Warns

Mathew J. Schwartz  •  November 12, 2021

The top cybercrime threats facing organizations in Europe and beyond include ransomware affiliate programs, more sophisticated mobile malware and cryptocurrency-hawking investment fraud, among other types of crime, according to Europol's latest Internet Organized Crime Threat Assessment.

►

Blockchain & Cryptocurrency

ISMG Editors: How Sustainable Is 'Work From Anywhere'?

Anna Delaney  •  November 12, 2021

Four editors at ISMG discuss important cybersecurity issues, including law enforcement agencies' crackdown on ransomware operations, how banks are building their technology stacks to counter card fraud and whether the "work from anywhere" model is beneficial for employees in the long term.

►

Access Management

Cybersecurity Leadership: Cut Through the Zero Trust Hype

Tom Field  •  November 11, 2021

Zero Trust: Is it the operational model that's going to propel us into a more secure future? Or just another marketing message to be tossed onto the pile of past campaigns? In this latest Cybersecurity Leadership panel, the top minds in the sector weigh in on the present and future of Zero Trust.