Weekly Cyber Risk Roundup: Adult Friend Finder’s Massive Breach and Securing IoT Devices

Distributed denial-of-service (DDoS) attacks were once again among the most discussed cybercrime events of the week as discussion around the Marai botnet continued and a handful of Russian banks were targeted with attacks powered by compromised Internet-of-Things (IoT) devices. The week also saw one of the largest data breaches ever as the Adult Friend Network… Read More

Recent Campaigns Highlight Evolving Social Engineering Tactics

Over the past month, researchers have observed several new phishing campaigns that demonstrate a more sophisticated and targeted approach to social engineering by threat actors. For example, on Monday Trustwave wrote about the Carbanak gang targeting the hospitality and restaurant sectors. The actors began the attack by using public tools such as LinkedIn to find the names… Read More

Weekly Cyber Risk Roundup: Services Get Disrupted and Hacking Elections

Distributed denial-of-service (DDoS) attacks and other incidents leading to service interruption have been widely discussed in the cybersecurity community ever since the October attack against DNS provider Dyn. This past week saw Marai-driven attacks that reportedly knocked out Internet access for the entire county of Liberia; however, security researchers such as Brian Krebs noted that… Read More

Controlling What You Can Control: Using the Threat Triangle to Gain Focus

With cyber-attacks on the rise and organizations looking for more effective ways to fend off malicious actors, cyber threat intelligence has emerged as a buzzword in cybersecurity. Unfortunately, some of the information being marketed as cyber threat intelligence isn’t backed up by much actual intelligence; rather, it’s just another threat feed to be added to… Read More

Yahoo and Others Face Cybercrime-Related Brand Damage

A month after announcing one of the largest data breaches ever, Yahoo is continuing to deal with the subsequent fallout and reputation damage related to that massive cyber theft. On September 22, Yahoo confirmed that information associated with at least 500 million user accounts was stolen. The day after that breach announcement, Yahoo saw a 474 percent rise in… Read More

Weekly Cyber Risk Roundup: Latest Breaches and Enhanced Security Standards

The massive distributed denial-of-service (DDoS) attack that disrupted websites and services on October 21 was the focal point of a large portion of cybercrime discussion last week. As we noted in a previous post, the attack against DNS provider Dyn has led to widespread concern about insecure Internet-connected devices and calls for government agencies to… Read More