Weekly Cyber Risk Roundup: More Payment Card Breaches and Dark Web Arrests

Payment card breaches were back in the news again this week as Forever 21 announced that it is investigating a point-of-sale breach (POS) at some of its stores, and several other organizations issued breach announcements related to stolen payment card data. Forever 21 said that it received a report from a third party about potential… Read More

Weekly Cyber Risk Roundup: Bad Rabbit’s Parallel Attack, Paradise Papers Fallout

October’s Bad Rabbit ransomware attacks were back in the news this week due to a report that a series of phishing attacks occurred at the same time as the Bad Rabbit outbreak, and the parallel attacks may have been carried out by the same group. The discovery also suggests that Ukraine may have been a… Read More

Weekly Cyber Risk Roundup: Spain-Catalonia Conflict Goes Digital, Russian Hacking Revealed

The Spanish government was the week’s top trending cybercrime target due to a series of distributed denial-of-service (DDoS) and other attacks that were orchestrated by the hacktivist group Anonymous. The Anonymous’ campaign against the Spanish government comes on the heels of  Catalonia’s recent referendum on independence. As Miguel-Anxo Murado wrote in The New York Review… Read More

‘Tis the Season: Gift Card Fraud Rampant on the Dark Web

The holiday shopping season is right around the corner, and gift cards are expected to remain as the most requested holiday gift for the tenth year in a row. It should come as no surprise then that gift card fraud has become a booming business for cybercriminals as they attempt to grab a slice of that… Read More

Weekly Cyber Risk Roundup: Bad Rabbit Halted, Law Firm Breach Raises Questions

The week’s top trending event was the outbreak of Bad Rabbit ransomware, which quickly spread across Russia and Eastern Europe before most of the infrastructure behind the attack was taken offline hours later.  Bad Rabbit was largely spread via watering hole attacks using compromised news media websites that prompted users to install a fake “Flash… Read More

‘Tis the Season: How Cybercriminals Perpetuate Gift Card Fraud

Two months ago, Fan Xia, a 29-year-old research assistant from UW-Milwaukee’s engineering department, was arrested for laundering more than $300,000 via an international scheme involving gift cards. According to the criminal complaint, Xia would receive gift card information from scammers in India, use that information to buy iTunes and Google Play gift cards, and then… Read More

Weekly Cyber Risk Roundup: DDoS Attacks Hit Sweden, Researchers Warn of ROCA

The Swedish Transportation Administration and other related agencies were among the week’s top trending cybercrime targets due to a series of distributed denial-of-service (DDoS) attacks that led to services being disrupted earlier this month. The DDoS attacks against the Swedish Transportation Administration affected all of its web-based systems, including the IT system that manages train orders,… Read More

Payment Card Fraud and Cryptocurrency Attacks Saw Significant Increase Last Quarter

The financials sector saw an increase in incident volume in the third quarter of 2017, and much of that increase revolved around cyber-attacks targeting various cryptocurrency platforms, as well as payment card breaches in the consumer goods sector that led to increased fraud activity on cybercriminal markets. Key takeaways from SurfWatch Labs’ threat intelligence findings… Read More

Weekly Cyber Risk Roundup: Kaspersky’s Alleged Espionage and SmartVista Bug Unpatched

The National Security Agency and Kaspersky Lab were once again among the week’s top trending targets due to continued reporting around Kaspersky’s alleged involvement in the 2015 theft of classified materials from the home computer of an NSA employee. As we noted last week, sources told the The Wall Street Journal that a contractor took… Read More

Weekly Cyber Risk Roundup: Yahoo Breach Expands, Equifax Grilled, Another NSA Insider

Yahoo and Equifax were both back in the news this week due to new details emerging around their respective data breaches, including Yahoo revising the number of affected accounts to three billion and Equifax’s former CEO being grilled before Congress. Yahoo had previously stated that its 2013 data breach affected one billion user accounts, which… Read More