Weekly Cyber Risk Roundup: Bad Rabbit Halted, Law Firm Breach Raises Questions

The week’s top trending event was the outbreak of Bad Rabbit ransomware, which quickly spread across Russia and Eastern Europe before most of the infrastructure behind the attack was taken offline hours later.  Bad Rabbit was largely spread via watering hole attacks using compromised news media websites that prompted users to install a fake “Flash… Read More

‘Tis the Season: How Cybercriminals Perpetuate Gift Card Fraud

Two months ago, Fan Xia, a 29-year-old research assistant from UW-Milwaukee’s engineering department, was arrested for laundering more than $300,000 via an international scheme involving gift cards. According to the criminal complaint, Xia would receive gift card information from scammers in India, use that information to buy iTunes and Google Play gift cards, and then… Read More

Weekly Cyber Risk Roundup: DDoS Attacks Hit Sweden, Researchers Warn of ROCA

The Swedish Transportation Administration and other related agencies were among the week’s top trending cybercrime targets due to a series of distributed denial-of-service (DDoS) attacks that led to services being disrupted earlier this month. The DDoS attacks against the Swedish Transportation Administration affected all of its web-based systems, including the IT system that manages train orders,… Read More

Payment Card Fraud and Cryptocurrency Attacks Saw Significant Increase Last Quarter

The financials sector saw an increase in incident volume in the third quarter of 2017, and much of that increase revolved around cyber-attacks targeting various cryptocurrency platforms, as well as payment card breaches in the consumer goods sector that led to increased fraud activity on cybercriminal markets. Key takeaways from SurfWatch Labs’ threat intelligence findings… Read More

Weekly Cyber Risk Roundup: Kaspersky’s Alleged Espionage and SmartVista Bug Unpatched

The National Security Agency and Kaspersky Lab were once again among the week’s top trending targets due to continued reporting around Kaspersky’s alleged involvement in the 2015 theft of classified materials from the home computer of an NSA employee. As we noted last week, sources told the The Wall Street Journal that a contractor took… Read More

Weekly Cyber Risk Roundup: Yahoo Breach Expands, Equifax Grilled, Another NSA Insider

Yahoo and Equifax were both back in the news this week due to new details emerging around their respective data breaches, including Yahoo revising the number of affected accounts to three billion and Equifax’s former CEO being grilled before Congress. Yahoo had previously stated that its 2013 data breach affected one billion user accounts, which… Read More

How to Organize and Classify Different Aspects of Cyber Threat Intelligence

Over the past few years, cyber threat intelligence has matured to cover many different aspects of business. What threat intelligence is and how people view and define it can vary quite a bit depending on the vendor providing the intelligence, the business unit consuming that intelligence, the deliverables expected of the intelligence, and the ultimate… Read More

Weekly Cyber Risk Roundup: Deloitte Breached and More Possible Supply Chain Attacks

Deloitte, one the world’s “big four” accounting firms, was the week’s top trending new cybercrime target after it was reported that the firm experienced a breach that compromised some of its clients’ information. The Guardian reported that Deloitte clients’ information was compromised after a malicious actor gained access to the firm’s global email server through… Read More