Independent Security Consultancy, Threat Intell Analyses and Competitive Intelligence research on Demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day.
Disintermediating the intermediaries in the cybercrime ecosystem, ultimately results in more profitable operations. Controversial to the concept of outsourcing, some cybercriminals are in fact so self-sufficient, that the stereotype of a mysterious 76service server offered for rent could in fact easily cease to exist in an ecosystem so vibrant that literally everyone can portion their botnet and start offering access to it on a multi-user basis. Evil? Obviously. Extending the lifecycle of a proprietary malware tool? Definitely. more»
There seems to be no such thing as a free phishing page these days, with phishers scamming one another at an alarming rate according to a recently published research entitled "There is No Free Phish: An Analysis of "Free" and Live Phishing Kits". Cybercriminals attempting to scam other cybercriminals has been happening for years, with old school cases where backdoored malware tools such as crypters and binders are offered for free, or a newly released RAT whose client is in fact infected with a third-party malware... more»
It gets very ugly when someone owns both, the botnet, and the portfolio of parked domains actively participating in pay per click (PPC) advertising programs, where the junk content, or the typosquatted domain names are aiming to attract high value and expensive keywords in order for the scammer to earn higher on per click percentage. This is among the very latest tactics applied by those engaged in click fraud activites. more»
How much malware is your antivirus solution detecting? A million, ten million, even "worse", less than a million? Does it really matter? No, it doesn't. What's marketable can also be irrelevant if you are to consider that today's malware is no longer coded, but generated efficiently and obfuscated on the fly. Sophos's recent statistics: "It is estimated that the total number of unique malware samples in existence now exceeds 11 million, with Sophos currently receiving approximately 20,000 new samples of suspicious software every single day -- one every four seconds." more»
This email hacking as a service offering is the direct result of the public release of a do it yourself hacking kit consisting of each and every publicly known vulnerability for a variety of web based email service providers, with the idea to make it easier for someone to execute their attacks more efficiently. Outsource the hacking of someone's email, and receive a proof in the form of a screenshot of the inbox, next to a guarantee that you'll be able to get back in even after they've changed their passwords? Too good to be true, but since they only charge after they provide you with a proof that they did the job, they could be in fact attempting to hack these emails, compared to the majority of cases where scammers scam the scammers. more»
Last week's mass defacement of over 300 Lithuanian sites hosted on the same ISP, an upcoming attack that was largely anticipated due to the on purposely escalated online tensions out of Lithuan's accepted legislation banning communist symbols across the country, once again demonstrates information warfare building capabilities in action. Moreover, the attack is again relying on common prerequisites for a successful information warfare campaign, used in the Russia vs. Estonia cyberattack last year. These very same Internet PSYOPS tactics ensure the success of the information warfare as a whole... more»
It's one thing to start efficiently registering thousands of email accounts at reputable email providers by automatically breaking their CAPTCHA authentication, and entirely another to build a business model on the top of it next to the opportunity to abuse if for your own malicious purposes. Which is exactly what we have here, an underground service that's selling registered accounts at Gmail, Yahoo, Hotmail and the most popular Russian email providers in the thousands. more»
