After Slow Start in 2016, Point-of-Sale Breaches Surging

Last week Eddie Bauer became the latest in a growing string of companies to announce a major point-of-sale-related breach. All 350 North American stores were affected by malware that may have siphoned off customers’ payment card information between January and July of this year. Not all cardholder transactions were impacted, the company said, and the breach does not include any… Read More

Does Your Cyber Threat Intelligence Tell a Story?

I began at SurfWatch Labs several years ago with one primary directive: be a story teller. Cybercrime impacts everyone, I was told, yet many business owners, executives and employees know next to nothing about cybersecurity.  For the most part those people were either unaware, assumed their business would never be a targeted by hackers, or… Read More

Typosquatting: Easy Attack Vector That Produces Results

Every week here at SurfWatch Labs our team of threat analysts write about new vulnerabilities, malware developments and cyber-attacks.  One attack vector that is not mentioned very frequently but can be a significant threat for organizations and consumers alike is a technique called typosquatting. Typosquatting is an attempt to trick users into thinking they have landed on their desired website,… Read More

IcyEagle: A Look at the Arrest of an Alleged Dark Web Vendor

Last month Aaron James Glende, 35, was arraigned in U.S. District Court in Atlanta on charges related to selling stolen bank account information on the Dark Web market AlphaBay. According to the indictment, Glende operated under the alias “IcyEagle” and began advertising his criminal services in late 2015. Although the exact picture of how law… Read More

Payment Transactions Face New Data Breaches and Exploits

The last few weeks have not been kind to businesses and customers concerning payment transactions and digital currency. Several point-of-sale systems and digital wallet services have come under fire for data breaches and potential financial theft — not to mention the recent theft of $68 million worth of bitcoin. The most wide-reaching event may be the breach at software… Read More

Top Dark Web Markets: TheRealDeal, Paranoia and Zero-Day Exploits

In trying to demystify the Dark Web, we’ve talked about the customer-friendly features of markets, the hand-holding nature of cybercrime-as-a-service, and the secure payment options that can protect anonymous buyers. As we turn our attention to the exploit-centric TheRealDeal Market, it gives us a chance to examine an aspect of the Dark Web that isn’t so rose-colored:… Read More

Hacking the Presidency: Will Data Breaches Help Decide the 2016 Presidential Election?

The 2016 presidential election hasn’t been without controversy. Both candidates have blemishes on their records that have left many Americans with a bitter pill to swallow when voting comes in November, and cybersecurity has been put front and center in a way never before seen in a U.S. election. Email hacks, data breaches, cybersecurity ineptitude — they’re… Read More

OurMine Hacking Group Trending, What Are They After?

As we mentioned in a previous post, hacktivism activity has been down in 2016 — with the exception of Anonymous. However, there is a new hacktivist group that has been showing up in SurfWatch Labs’ data — OurMine. Over the last two months, OurMine has been the top trending hacktivist group. OurMine made multiple headlines… Read More

Cyber Skills Shortage Continues To Be An Issue

It has been long documented that cybersecurity organizations are struggling to hire qualified personnel. A recent study on the cybersecurity professional gap has reaffirmed this dilemma. Intel Security and the Center for Strategic and International Studies (CSIS) released a global report that outlined the cybersecurity talent shortage crisis. The report, Hacking the Skills Shortage, outlined… Read More

Podcast: DNC Fallout Continues, LastPass Exploit Discovered and Bitcoin is Not Real Money

A new episode of the SurfWatch Cyber Risk Roundup has been posted, Episode 77: DNC Fallout Continues, LastPass Exploit Discovered and Bitcoin is Not Real Money: The fallout from the breach at the Democratic National Committee continued as WikiLeaks published more information and Julian Assange vowed that there was more to come. UK Telecom O2 became… Read More