How to Steal a Million: The Memoirs of a Russian Hacker

How to Steal a Million: The Memoirs of a Russian Hacker

As a University researcher specializing in cybercrime, I've had the opportunity to watch the Russian carding market closely and write about it frequently on my blog "Cybercrime & Doing Time." Sometimes this leads to interactions with the various criminals that I have written about, which was the case with Sergey ... Read More
Drinkman and Smilianets Sentenced: The End to Our Longest Databreach Saga?

Drinkman and Smilianets Sentenced: The End to Our Longest Databreach Saga?

On Thursday, February 15, 2018, we may have finally reached the end of the Albert Gonzalez Databreach Saga. Vladimir Drinkman, age 37, was sentenced to 144 months in prison, after pleading guilty before U.S. District Judge Jerome Simandle in New Jersey. His colleague, Dmitriy Smilianets, age 34, had also pleased ... Read More
On the Anniversary of the Islamic Revolution, 30 Iranian News sites hacked to show death of Ayatollah Khamenei

On the Anniversary of the Islamic Revolution, 30 Iranian News sites hacked to show death of Ayatollah Khamenei

February 11th marked the 39th aniversary of the Islamic Revolution in Iran, the day when the Shah was overthrown and the government replaced by the Ayatollah Khomeini, called "The Supreme Leader" of Iran. February 10th marked something quite different -- the day when hackers gained administrative control of more than ... Read More
TrickBot's New Magic Trick: Sending Spam

TrickBot’s New Magic Trick: Sending Spam

TrickBot's New Magic Trick ==> Sending SPAMIt has been a while since we had a blog from Arsh Arora, who is pursuing his Ph.D., which has kept him away from blogging for a bit. With his current focus on analyzing Banking Trojans and Ransomware, he came across something this weekend ... Read More
CyberSecurity Awareness Month Tip One: There are no Gift Certificates

CyberSecurity Awareness Month Tip One: There are no Gift Certificates

/
While many corporations have great spam filtering, quite a few small businesses and individuals still deal with a deluge of spam on a daily basis. For some time now, a particular group of criminals have been stealing your personal information by fraudulently offering "Gift Cards" to various things.Just in the ... Read More
Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure

Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure

My friend Neil Schwartzman, the leader of CAUCE, called my attention to a new report from The President's National Infrastructure Advisory Council (NIAC), "Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure." Why is the Coalition Against Unsolicited Commercial Email interested in this? As I've trained law enforcement, banking, ... Read More
DEF CON 18 - BONUS- BLACK HAT- Barnaby Jack - Jackpotting Automated Teller Machines Redux

Europol Announces 27 ATM Black Box arrests

On 18MAY2017 Europol announced that 27 thieves have been arrested across Europe for participating in a ring that conducts ATM Black Box attacks. The arrests were conducted in France (11), Estonia (4), Czech Republic (3), Norway (3), the Netherlands (2), Romania (2), and Spain (2) over the course of 2016 ... Read More
Kelihos infection spreading by Thumb Drive and continues geo-targeting

Kelihos infection spreading by Thumb Drive and continues geo-targeting

/
I've mentioned before how proud I am that my students are extremely passionate about CyberCrime. My guest blogger 'Arsh Arora' is on a visit to his hometown New Delhi, India to attend a wedding. Instead of having fun, he is monitoring Kelihos botnet from a different geographical location than US ... Read More
"Microsoft notification" leads to Pharma Redirector on Steroids

"Microsoft notification" leads to Pharma Redirector on Steroids

Today while investigating spam in the PhishMe spam collection, I started looking at a spam campaign that used two distinct subject lines:Subject: Microsoft notificationSubject: Windows notificationThe body of the email looked like this:NOT Your Friend!In true botnet style, every single email had a different "friend name." The three links at ... Read More
FTC Takes Action Against Insecure IoT Devices from D-Link

FTC Takes Action Against Insecure IoT Devices from D-Link

I still love to listen to GRC's Steve Gibson on the program Security Now! A few weeks back, Steve said "The S in IoT is for Security" which made me laugh perhaps far too much. As we discover more with each passing day, it seems there is no Security in ... Read More
Loading...