Archive for cyber-crime

You are browsing the archives of cyber-crime.

Cyber Threat Potential

Cyber attackers have a variety of motivations, but it is possible to categorize them and attempt to understand the different strategies they might use and how to defend against them. Here are some of the categories of motivations behind threats: Use data from your system Identity theft – mostly for financial fraud Business information – […]

Clouds Will Become APT Targets

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. NIST SP 800-145 Advanced Persistent Threat APT or Advanced Persistent Threat describes cyber […]

GSM Based Skimmers

Brian Krebs leads the field in reporting on bank ATM machine skimmers that collect banking credentials from ATM customers and relay them to cyber thieves. This is another outstanding article by Krebs that exposes a little piece of the world of cyber-crime. Why GSM-Based ATM Skimmers Rule Earlier this year, KrebsOnSecurity featured a post highlighting […]

ATM Skimmers

For several years, reports of ATM skimmer devices have been increasing. These devices are usually designed to fit over the card receptacle on an ATM machine or gas pump or other form of debit/credit card reader. They intercept the card data and may also collect the pin number entered and save the data for thieves […]

Kneber-Zeus

A trojan horse backdoor called “Zeus” is being used by a botnet named “Kneber” by researchers. This botnet has been operational for over a year and has compromised many organizations and collected a vast amount of data that was intended to be confidential. Hackers Mount New Strike – [wsj.com] Hackers in Europe and China successfully […]

2009 Security Report

Symantecs MessageLabs Intelligence 2009 Annual Security Report offers some very interesting information about the past year and assumptions about the near future of malware and other security threats. Here are a few teasers that should encourage you to read the entire report: 3.2.4. Command and Control: Mysterious Messages and Covert Channels In the 12-months since […]

SANS Cyber Risk List

For many years, the top worry of defensive security specialists has been focused on closing/patching holes/vulnerabilities in the operating systems at the perimeter of the information system. This excellent report published by SANS suggests that the attackers are re-focusing their efforts on client side software and web applications that remain more vulnerable. Client applications that […]

Nickel Pop

How much does it cost cybercriminals to obtain access to a hacked computer? Why do it yourself when you can buy one for a nickel? Often, one group of cybercriminals specialize in the act of penetrating systems and installing backdoors. Then they sell access to the systems to other cybercriminals who want to use the […]

Cyber Nexus: Crime+Terrorism

The intersection between cyber-crime and organized crime has received attention for several years. As the financial returns available from cyber-crime have simultaneously increased in potential and visibility, the cyber-criminals have become more organized and more closely linked to conventional organized crime. Organized crime in various forms has discovered the usefulness of encryption and steganography for […]

Extortion

It is also possible to disrupt an organizational by using cyber-warfare attacks in conjunction with conventional tactics like bribery, extortion and even torture. These classical criminal methods are perhaps most likely to be used to gain access to a system or data, but could also be applied to a variety of tactics designed to create […]