Cybercrime

From Fake News Proliferation to Data Theft: Tracing the Red Cross Hack to a Misinformation Network

The International Committee of the Red Cross (ICRC) hack in January 2022 led to the compromise of the sensitive information belonging to 515,000 people. While no indicators of compromise (IoCs) relevant to the attack have been publicized, a security researcher did expose a possible link to an Iranian misinformation network.

Behind the Innovative Marketing Rogue Scareware Distribution Network

Cybercriminal network Innovative Marketing made headlines in rogue scareware's heyday. Between its founding in Kyiv, Ukraine, in 2009 and the three years it continued operating, the company reportedly amassed close to US$700 million in revenue.

Meet the Speakers of the Cyber Threat Mitigation Webinar (by IPXO)

On the 14th of April, IPXO, the world's leading IP monetization and leasing platform will be holding a webinar on Cyber Threat Mitigation. Thought leaders from CUJO AI, Deft, Voxility and IPXO, will be sharing their insights from their experiences in observing and analyzing the Internet's landscape.

Limited IP Resources Leave Smaller ISPs Vulnerable to Judgement Errors When Making Tough Cybersecurity Calls

An increasing number of cyberattacks on internet users is causing more and more internet blackouts as smaller Internet Providers struggle with tough choices and limited resources. Gustavas Davidavicius, Abuse Prevention Team Lead at IPXO, shares insights on the role of human errors in ISP-related cybersecurity failures and other measures that can be taken to reduce the incidence and impact of cyber-attacks globally.

Be Wary of Bogus Web Properties This Tax Season

The U.S. tax season began when the Internal Revenue Service (IRS) started accepting and processing 2021 tax returns on 24 January 2022. The deadline is set for 18 April 2022, and taxpayers expect to receive email notifications regarding penalties, refunds, and other tax-related issues

Are Cybersquatters Going After the Car Manufacturing Sector?

Distinguishing properties added by the companies themselves is an essential part of this study. If the legitimate company owns the domains and subdomains, they have control over these assets. Otherwise, the digital properties can be considered rogue that can be potentially used in brand abuse, phishing campaigns, and other malicious activities.

The Oscars and Suspicious Web Activity: What’s the Link?

It's not unusual for movies, actors, and actresses to serve as lures in cyber attacks. Our recent post on "Spider-Man: No Way Home" proved that. Phishers and other threat actors will, unfortunately, try to capitalize on anything that's bound to get a lot of user attention. And the annual Oscar Awards is no stranger to such a scenario. Just last year, in fact, hackers used nominated films as phishing baits. This year may be no different.

2022 Olympic Winter Games: Prime Ground for Phishing Lures?

Threat actors have notoriously taken advantage of the Olympic Games's popularity to launch malicious campaigns. The "OlympicDestroyer" malware was most notable, using a domain related to the Pyeongchang 2018 Winter Olympics. But the COVID -- 19 bubble in the 2022 Olympic Winter Games may have increased the danger.

Malicious Valentine: Uncovering Thousands of Connections to Romance-Themed Campaign IoCs

Romance-themed malicious campaigns are launched throughout the year, but days leading up to Valentine’s Day could be particularly timely for such activities.

The Irony: Data Privacy Sites Bring Risks Instead of Protection

Many countries celebrate Data Privacy Awareness Week every last week of January. Each year, the National Cyber Security Alliance (NCSA) makes it a point to remind users about the importance of keeping their digital data safe from all kinds of threat actors. In fact, they commemorated this year's Data Privacy Awareness Week with various events.