-
On the Zero-Day Market
New paper: “Zero Progress on Zero Days: How the Last Ten Years Created the Modern Spyware Market“: Abstract: Spyware makes surveillance simple. The last ten years have seen a global market emerge for ready-made software that lets governments surveil their citizens and foreign adversaries alike and to do so more easily than when such work…
-
Microsoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day
Microsoft has warned of surging gift card fraud and sophisticated approaches from the group Storm-0539 Read More
-
Fake Pegasus Spyware Strains Populate Clear and Dark Web
Actors in the clear and dark web are distributing fake source codes of the Pegasus spyware for financial gain Read More
-
Stark Industries Solutions: An Iron Hammer in the Cloud
The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is…
-
UK Government ponders major changes to ransomware response – what you need to know
The British Government is proposing sweeping change in its approach to ransomware attacks, proposing mandatory reporting by victims and licensing regime for all payments. Read more in my article on the Exponential-e blog. Read More
-
Cybercriminals Exploit Cloud Storage For SMS Phishing Scams
According to Enea, these campaigns use cloud storage platforms to host malicious websites, sending links via SMS to bypass firewalls Read More
-
Indian Election Faces Cyber-Attacks, Data Leaks on Dark Web
Resecurity reported a 300% spike in cyber-attacks post-#OpIsrael, intensifying since #OpIndia last year Read More
-
10 years in prison for $4.5 million BEC scammer who bought Ferrari to launder money
A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud schemes. Read more in my article on the Tripwire State of Security blog. Read More
-
NVD Leaves Exploited Vulnerabilities Unchecked
Over half of CISA’s known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NIST’s National Vulnerability Database Read More
-
National Records of Scotland Data Breached in NHS Cyber-Attack
National Records of Scotland said sensitive personal data it holds was part of information stolen and published online by ransomware attackers from NHS Dumfries and Galloway Read More