Cybercrime

Sponsored
by

Noteworthy

WHOIS History API: Powering Domain Investigations

Domain Research and Monitoring: Keeping an Eye on the Web for You

Reverse WHOIS: A Powerful Process in Cybersecurity

Blogs

IGF Best Practice Forums, an Opportunity to Bring Your Experience to the Policy Debate

In the run-up to the 14th Internet Governance Forum in Berlin, Germany, 25 to 29 November, different groups are discussing best practices pertaining to specific internet governance policy questions. These groups are open and thrive on your input and experiences. Their findings will be presented at the IGF and published shortly after. The IGF Best Practice Forums intend to inform internet governance policy debates by drawing on the immense and diverse range of experience and expertise... more

How Domain Data Helps Thwart BEC Fraud

It's true, domain data has many practical uses that individuals and organizations may or may not know about. But most would likely be interested in how it can help combat cyber threats, which have been identified as the greatest risks businesses will face this year. Dubbed as the greatest bane of most organizations today, cybersecurity can actually be enhanced with the help of domain data. How? more

Business Email Compromised (BEC) Scams Explode Under the GDPR Implementation

Business email compromised (BEC) attacks targeting American companies are exploding, with an increase of over 476% in incidents between Q4 2017 and Q4 2018. Up as well is email fraud with companies experiencing an increase of over 226%. These highly targeted attacks use social engineering to identify specific company employees, usually in the finance department and then convince these employees to wire large sums of money to third-party banking accounts owned by the attackers. more

Proactive Cybersecurity: What Small Businesses Can Actually Do

In the business world, there are two main paths a company can take with cybersecurity -- the reactive and the proactive approach. The problem with a purely reactive attitude is that it can easily put companies in constant firefighting mode. And for small companies with limited resources, this can turn out to be an increasingly uncomfortable place to be in.
With that in mind, experts today suggest proactive cybersecurity by monitoring suspicious activity and identifying risks before they turn into full-blown attacks. more

GDPR Fine Enough or More Disclosure?

The UK cares about its citizens' privacy to the tune of a $229 million (US) fine of British Airways for a breach that disclosed information of approximately half a million customers. It's exciting -- a significant fine for a significant loss of data. I think GDPR will lead to improved security of information systems as companies scramble to avoid onerous fines and start to demand more from those who provide information security services and products. more

WHOIS Database Download: Proactive Defense Against the Rising Tide of BEC Fraud

How many times have you heard that humans are the weakest link in cybersecurity? The headlines have proven that over and over again. In particular, business email compromise or BEC (also known as email account compromise or EAC) scams, which typically target an employee with access to the financial resources of his company -- this could be a C-level executive or any high-ranking officer -- for fraud are still on a constant uphill trend. more

Greater Caribbean Cooperation Needed to Combat Cyber Crimes

The Caribbean is under virtual siege as incidents of cyber attacks and cyber crimes surge across the region. "The sophisticated use of technology by highly incentivised criminal organisations has created unprecedented opportunities for transnational crime elements that no one region, country or entity can fight on its own. More inter-regional cooperation and collaboration are needed to develop and implement smart and integrated approaches to fight new and emerging cyber threats." more

Domain Related Crime: The 4 Steps of Effective Investigations

There is no rest for the wicked. If you think that 2018 was the climax of cybercrime, wait until you see what happens in the next few years as cybercriminals are constantly learning new ways to strike. Take for instance domain-related attacks now coming in a variety of forms. There's domain hijacking which involves gaining of access to domains and making changes without owners' permission. You have typosquatting where phishing is often utilized to steal valuable information. more

A Case for Regulating Social Media Platforms

There are some who see the regulation of social media platforms as an attack on the open internet and free speech and argue that the way to protect that is to let those platforms continue to self-regulate. While it is true that the open internet is the product of the same freedom to innovate that the platforms have sprung from, it is equally the product of the cooperative, multi-stakeholder organisations where common policy and norms are agreed. more

Investigating Domain Name Crime: Challenges and Essential Techniques

Who would think that so much could go wrong with something as seemingly innocent as a domain name? As cybercrime continues to evolve, causing devastating reputational and financial losses to businesses and organizations, web addresses are used as a weapon -- and it's not always easy to notice their many faces. In this article, let's take a look at the domain name crime landscape, discuss the current challenges investigators and legitimate registrants face, and talk about some useful techniques. more

Putting Cyber Threats Into Perspective

As society uses more digital technologies we are increasingly also faced with its problems. Most of us will have some horror stories to tell about using computers, smartphones, and the internet. But this hasn't stopped us from using the technology more and more. I believe that most people would say that their lives would be worse without technology -- in developed countries but equally in the developing world. more

Building a Secure Global Network

Recently, the DNS has come under an extensive attack. The so-called "DNSpionage" campaigns have brought to light the myriad methods used to infiltrate networks. These attacks employed phishing, system hopping via key exfiltration, and software zero day exploits, illustrating that many secure networks may not be fully protected. more

CircleID's Top 10 Posts of 2018

It is once again time for our annual review of posts that received the most attention on CircleID during the past year. Congratulations to all the 2018 participants for sharing their thoughts and making a difference in the industry. more

Internet Economics

One year ago, in late 2017, much of the policy debate in the telecommunications sector was raised to a fever pitch over the vexed on-again off-again question of Net Neutrality in the United States. It seemed as it the process of determination of national communications policy had become a spectator sport, replete with commentators who lauded our champions and demonized their opponents. more

DK Hostmaster Wins Award for Transparency and Trust Online

The nonprofit Alliance for Safe Online Pharmacies (ASOP Global) presented its annual Internet Pharmacy Safety E-Commerce Leadership Award to .DK Hostmaster at the 2018 ICANN63 today in Barcelona, Spain. The domain name administrator for Denmark, DK Hostmaster, was selected for the award based on their commitment to ensuring citizen safety by maintaining transparent WHOIS data, proactively enforcing identity accuracy policies to increase consumer trust and safety online. more

News Briefs

281 Arrested Worldwide by US Federal Authorities in Connection With Business Email Compromise Scheme

The Insecurity of the IoT is Only Getting More Profound, Says Principal Researcher at F-Secure

Ransomware Causes 15 Schools in Arizona To Stay Closed For a Second Day

Phishing Attacks Targeting Executives Now Top Cybersecurity Insurance Claims, Says AIG

By 2021 Cost of Cybercrime to Top Annual Natural Disasters and Global Drug Trade Costs, Says Report

Close to 200K Phishing Domains Discovered in a 5-Month Span, 66% Targetted Consumers, Akamai Reports

A Seattle Woman Charged With Capital One Data Theft Affecting 106 Million People

A 60% Rise Reported on Malware Designed to Harvest Consumers' Digital Data, aka Password Stealers

Florida Cities Are Paying Hundreds of Thousands of Dollars in Ransom to Get Their Data Back

Baltimore Gets Hacked: Main Computer Systems Crippled, Experts Estimate Months to Recover

Hackers in Possession of Over 312K Files, 516GB Financial Data of Some of World's Largest Companies

Hacker Has Released Close to a Billion User Records Over the Past Two Months, Reports ZDNet

FBI, Department of Homeland Security Issue Warning About a North Korean Trojan Malware Variant

Russia Is Studying China's Legislative Experience in Fighting Internet Corruption, Cyber-Terrorism

Cryptominers Infected 10x More Organizations Than Ransomware in 2018

Volunteer-Based Project Succeeds in Taking Down 100,000 Malware Distribution Sites Within 10 Months

McAfee Labs 2018 Report Reveals 480 New Threats Per Minute, Sharp Increase in IoT-Focused Malware

Criminals Using New Phishing Techniques to Hide from Victims and Investigators, Reports APWG

Hackers Behind Marriott Breach Left Clues Suggesting Link to Chinese Government

Strange Email Used to Inform Marriott Customers About the Massive Data Breach

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

Threat Intelligence Platform Updates – Sponsor

How Threat Intelligence Can Solve 3 Common SIEM Problems

Security information and event management (SIEM) solutions are an excellent way to get incident data from an organization's network and put them all in one place. But as a network's complexity grows, so do the problems these SIEM vendors face with regard to providing the right products to clients. more

New Phishing Tools Can Now Bypass 2-Factor Authentication

Two-factor authentication (2FA) is an essential safety measure that stops unauthorized access to an account. It was invented to provide an additional layer of security to the usual log-in procedure of providing one's username and password, which is now considered by many as obsolete and unsecured. more

Industry Updates

Participants – Random Selection