The U.S. Federal Trade Commission's building in Washington (Photo: Faungg via Flickr/CC)

Facebook Takes $3 Billion Hit, Anticipating FTC Fine

Jeremy Kirk • April 25, 2019

Facebook has set aside $3 billion from its first quarter profit to pay for what is likely to be a record-breaking fine from the U.S. Federal Trade Commission. But will mega-fines lead to the reform of tech giants' questionable privacy and security practices?

Cybercrime

Spear Phishing - Top 3 Threats

Latest

ATM Fraud

'Silence' Cybercrime Gang Targets Banks in More Regions

Scott Ferguson • April 23, 2019

Known for targeting banks and ATMs in Russia and other Eastern European countries, the "Silence" gang apparently is now expanding into other regions, using a combination of custom malicious tools and "living-off-the-land" techniques, researchers report.

Anti-Fraud

The FBI's RAT: Blocking Fraudulent Wire Transfers

Jeremy Kirk • April 23, 2019

Fraud, e-hustles and social engineering attacks continues to proliferate, the FBI's latest report into the state of internet crime confirms. But over the past year, a new FBI tactic for quickly stopping fraudulent wire transfers has notched notable successes.

Cybercrime

Leak Exposes OilRig APT Group's Tools

Scott Ferguson • April 19, 2019

A set of malicious tools, along with a list of potential targets and victims, belonging to an APT group dubbed OilRig has leaked online, exposing some of the organization's methods and goals, analysts say.

Cybercrime

Not So 'Smart' - Child Tech Has Hackable Flaws

Mathew J. Schwartz • April 19, 2019

A warning that a smartwatch marketed to parents for tracking and communicating with their children could be coopted by hackers leads the latest edition of the ISMG Security Report. It also reviews how a DNS hijacking campaign is hitting organizations and how "dark patterns" trick users.

Blockchain & Cryptocurrency

10 Highlights: Cryptographers' Panel at RSA Conference 2019

Mathew J. Schwartz • April 17, 2019

From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.

DDoS

Ecuador Hit With 'Cyberattacks' After Assange's Arrest

Scott Ferguson • April 17, 2019

The government of Ecuador has been hit with millions of "cyberattacks" following its withdrawal of asylum protection for WikiLeaks founder Julian Assange and his arrest by British police last week, an Ecuadorian official says.

Data Breach

Wipro Detects Phishing Attack: Investigation in Progress

Suparna Goswami • April 16, 2019

Indian IT service firm Wipro on Tuesday said that it has detected abnormal activities on some of its employee accounts due to an advanced phishing campaign. An investigation is continuing, the company confirms.

Cybercrime

Silk Road 2.0 Operator Sentenced to Prison

Scott Ferguson • April 15, 2019

An unemployed British man has been sentenced to more than five years in prison for his role in operating the Silk Road 2.0 darknet site, which succeeded the original Silk Road website after the FBI closed it in 2013, U.K. authorities say.

Cybersecurity

Australian Child-Tracking Smartwatch Vulnerable to Hackers

Jeremy Kirk • April 15, 2019

An Australian company that markets a smartwatch that lets parents monitor their children shut down its service on Monday after researchers revealed hackers could track a child's location, spoof the location, add themselves as a "parent" and view personally identifiable information associated with the account.

Anti-Malware

US CERT Warns of N. Korean 'Hoplight' Trojan

Scott Ferguson • April 12, 2019

U.S. CERT has issued a fresh warning about a newly discovered Trojan called Hoplight that is connected to a notorious APT group with links to North Korea. The malware has the ability to disguise the network traffic it sends back to its originators, making it more difficult to track its movements.

Anti-Malware

Two Romanian Nationals Convicted in 'Bayrob' Malware Case

Scott Ferguson • April 12, 2019

Two Romanian nationals have been convicted by a federal jury for their roles in stealing more than $4 million from victims by creating a botnet of more than 400,000 PCs through custom-designed malware called Bayrob.

Application Security

Another Scathing Equifax Post-Breach Report

Nick Holland • April 12, 2019

The latest edition of the ISMG Security Report features an update on a congressional report that slams Equifax for lacking a strong cybersecurity culture. Also featured: A new study on the status of women in the cybersecurity industry and the use of Android phones as security keys.