Cybercrime | SC Media

Cybercrime

How to train your team on data privacy.

Phishing campaign spoofs security awareness training notifications

That anti-phishing training email your employees just received may, ironically, actually be a phishing email, according to cyber threat analysts who recently uncovered a security awareness-themed online social engineering campaign. In a blog post on Wednesday, experts at Cofense reported on a phishing campaign that sends emails purporting to be a notification urging employees to…

History shows, transparency can ease the fallout from a cyberattack

Cybersecurity firms have a responsibility to keep their clients safe from digital attacks. But when they end up the victims, they potentially risk losing credibility with these customers, especially if their operations are disrupted. It’s a potentially juicy extortion scenario for attackers, and we just saw an example of this play out last week when…

Hacker-for-hire groups profit by commoditizing APT tactics

In the span of just over three months, researchers have exposed three mercenary, “hacker-for-hire” groups engaging in industrial espionage and stealing corporate secrets for profit. Despite using tactics, techniques and procedures that are more typical of a nation-state ATP group, these threat actors –  Dark Basin, DeathStalker and an unnamed third entity group detailed late last month by Bitdefender –…

U.S. urges Linux users to secure kernels from new Russian malware threat

Linux users should not assume they are safe from the ambitions and reach of reputed Russian hacking group Fancy Bear, which has been using a newly disclosed malware toolset to establish a command-and-control connection with infected Linux systems. Called Drovorub, the toolset essentially creates a backdoor that enables file downloads and uploads, the execution of…

Next post in Research