Authorities Arrest Another TrickBot Gang Member in South Korea

Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management Affiliate-Driven Ransomware-as-a-Service Operations Keep Generating Big Profits Mathew J. Schwartz (euroinfosec) • May 11, 2021     Statements posted to DarkSide’s data leak site “It’s not personal, Sonny. It’s strictly business.” See Also: Live Webinar | Software Security: Prescriptive vs. Descriptive That immortal…

Cybercrime , Cybercrime as-a-service , Endpoint Detection & Response (EDR) Revenue, Size, Geography and Level of Access Help Determine Sale Price for Access Mathew J. Schwartz (euroinfosec) • September 6, 2021     Sections on the XSS and Exploit cybercrime forums that are dedicated to accesses (Source: Kela) The most sought-after type of victim for…

Application Security , Cloud Security , Endpoint Detection & Response (EDR) Zscaler Is Also Boosting Cloud Capabilities by Picking Up Trustdome Doug Olenick (DougOlenick) • April 24, 2021     Rapid7 is acquiring Velociraptor, an open-source, endpoint-monitoring, digital forensics and incident response organization and professional community that it will continue to operate as a stand-alone…

Qualys, which provides a cloud-based platform for protecting IT and OT workloads, has become the latest firm to be victimized by vulnerabilities in the Accellion FTA file transfer application. Company CISO Ben Carr said Wednesday it had deployed an Accellion FTA server in a segregated DMZ environment, completely separate from systems that host and support…

A planned Biden administration executive order will require many software vendors to notify their federal government customers when the companies have a cybersecurity breach, according to a draft seen by Reuters. A National Security Council spokeswoman said no decision has been made on the final content of the executive order. The order could be released…