Craig Jones, director of cybercrime at Interpol, delivers a keynote presentation at Group-IB's CyberCrimeCon 2020 virtual conference.

Botnet Operators Ditch Banking Trojans for Ransomware

Mathew J. Schwartz • November 25, 2020

Driven by the profits to be achieved via ransomware, most botnet operators have dropped banking Trojans in favor of supporting and running crypto-locking malware attacks, according to security experts who spoke Wednesday at cybersecurity firm Group-IB's CyberCrimeCon 2020 virtual conference.

Cybercrime

Accused Ringleader of FIN7 Hacking Group Pleads Guilty

Latest

Device Identification

Gone in 120 Seconds: Flaws Enable Theft of Tesla Model X

Jeremy Kirk • November 26, 2020

Two vulnerabilities in Tesla's keyless entry system allowed researchers to clone a key fob and drive away with a Model X. The electric vehicle manufacturer is issuing over-the-air updates to fix the flaws, which allegedly center on a failure to validate firmware updates and a faulty Bluetooth pairing protocol.

Business Continuity Management / Disaster Recovery

FBI Warns of Uptick in Ragnar Locker Ransomware Activity

Prajeet Nair • November 25, 2020

The FBI has sent out a private industry alert warning about an increase in attacks using Ragnar Locker ransomware. The operators behind this crypto-locking malware have recently targeted companies that include EDP, Campari and Capcom, researchers note.

Governance & Risk Management

Linux Botnet Disguises Itself as Apache Server

Prajeet Nair • November 25, 2020

The latest Linux version of the Stantinko botnet is designed to disguise the malware as an Apache server to help better avoid security tools and remain hidden, according to Intezer Labs.

Endpoint Security

UK Telecommunications Security Bill Would Ban Huawei

Mathew J. Schwartz • November 24, 2020

The Telecommunications Security Bill introduced by the British government aims to set enforceable, minimum security standards for the nation's telecommunications providers, backed by penalties, including for any company that opted to use equipment from high-risk providers such as China's Huawei.

Cyberwarfare / Nation-State Attacks

Biden Reveals Picks to Head DHS, Intelligence

Scott Ferguson , Doug Olenick • November 23, 2020

President-elect Joe Biden on Monday announced that two former Obama-era officials are his nominees to head the U.S. Department of Homeland Security and the Office of Director of National Intelligence.

Business Continuity Management / Disaster Recovery

COVID-19 Latest: 'We Are Really Struggling'

Tom Field • November 23, 2020

It took 100 days for the world to record its first 1 million COVID-19 infections. A week ago, 1 million cases were added in just over one day. In advance of the Thanksgiving break, pandemic expert Regina Phelps shares insights on the virus, testing and how soon we might see vaccines.

Fraud Management & Cybercrime

Bill Looks to Close Federal Cybersecurity Loopholes

Doug Olenick • November 23, 2020

Sen. Ron Wyden, D-Ore., and Rep. Lauren Underwood, D-Ill., have introduced a bill designed to patch loopholes in the Federal Cybersecurity Enhancement Act of 2015 that they say allow federal agencies to easily avoid implementing required cybersecurity procedures.

Business Continuity Management / Disaster Recovery

From St. Louis to France, Ransomware Victim List Expands

Mathew J. Schwartz • November 23, 2020

Ransomware continues to pummel many types of organizations, recently including South Korea's E-Land retail group, French newspaper Paris-Normandie and a Georgia county school system. A ransomware hit against hosting giant Managed.com has resulted in ongoing site outages for numerous others.

Account Takeover Fraud

Florida Man Gets 3-Year Prison Term for Account Takeover Scam

Chinmay Rautmare • November 21, 2020

A Florida man has been sentenced to 37 months in prison after pleading guilty to a federal laundering money charge stemming from a $9 million business account takeover scheme, according to the Justice Department.

Cybercrime

Fraudsters Use Free Google Services in Phishing Campaigns

Prajeet Nair • November 20, 2020

Fraudsters are increasingly using free Google services to create more realistic phishing emails and malicious domains that circumvent security filters, the security firm Armorblox reports.

Cloud Security

AWS Flaw Allows Attackers to Find Users' Access Codes

Chinmay Rautmare • November 20, 2020

A recently uncovered vulnerability in a class of Amazon Web Service APIs can be exploited to leak AWS identity and access management user and arbitrary accounts, according to Palo Alto Networks' Unit 42.

Cybercrime as-a-service

2 Arrested for Operating Malware Encryption Service

Doug Olenick • November 20, 2020

Europol has arrested two Romanians for allegedly selling services - including malware encryption - that helped cybercriminals circumvent antivirus tools.