The ransomware-as-a-service operation known as Cerber is earning at least $200,000 per month via ransoms paid by victims, says Check Point Software Technologies' Gadi Naveh. In an audio interview, he explains that bitcoins and high levels of automation are key to the operation's success.
This year, the annual Black Hat Europe conference decamps from Amsterdam to London. What's in store? Everything from mobile ransomware and quantum-resistant crypto to "ego markets" and how to turn Belkin IoT devices into launch pads for DDoS attacks.
After 10 days of Microsoft not issuing an advisory or fix for a zero-day flaw found by Google that's being actively exploited in the wild, Google publicly revealed details of the flaw. But Microsoft says that puts its users at further risk.
The malware-infected IoT army that disrupted domain name server provider Dyn was composed of, at most, 100,000 devices, the company estimates in an after-action report. But claims that the attacks peaked at 1.2 Tbps remain unconfirmed.
Chinese manufacturer Xiongmai will recall up to 10,000 webcams in the wake of the IoT-powered DDoS attacks that pummeled DNS provider Dyn. But information security experts say that only a more resilient internet will blunt future attacks.
For more than a decade, Christy Wyatt was immersed in mobile security - most recently as CEO of Good Technology. Now she has re-emerged as CEO of Dtex Systems. What new challenges does this role pose to the veteran security and technology leader?
Chinese manufacturer Xiongmai has promised to replace or patch some IoT components that attackers are using to build massive internet of things Mirai botnets to wage DDoS attacks, such as the Oct. 21 disruption of DNS provider Dyn. But security experts question whether these moves will blunt future IoT attacks.
Neutering the army of web-connected devices used in the large internet attack that hampered access to major sites - including Amazon, PayPal, Spotify and Twitter - is technically possible. But no option offers either a great or near-term fix.
When it comes to describing the top fraud threats to UK financial institutions, it's all about compromised identities and credentials, says John Marsden of Equifax. How can organisations prove their customers are who they say they are?
Russian hackers may think twice before traveling outside the country for a vacation in light of the arrest of alleged 2012 LinkedIn hacker "Yevgeniy N." by Czech police at a restaurant in Prague earlier this month.
As U.S. ATM operators face MasterCard's Oct. 21 EMV liability shift deadline, a surge in explosive attacks against European ATMs is a reminder that anti-fraud features won't block all money machine crime.
A "bottom-up" approach to IoT security is essential, starting with the hardware as the "root of trust" and then addressing the operating systems and applications, says Wind River's Thilak Ramanna, who calls for the development of standards to ensure security is baked into devices.