After the CARES act was passed in March of 2020, fraudsters worked towards making money off of it. This report seeks to understand all of the components of fraud happening on the dark web in relation to the CARES act.

From the report, “During the last few months, global corporations have been extremely busy with implementing the needed changes in order to be compliant with the upcoming GDPR regulation. While this happens, cyber-threat actors are preparing themselves for the possible consequences, without a clear picture of whether GDPR will hurt them or benefit them. According to the General Data Protection Regulation (GDPR) any company that handles European Union consumer personal data is obligated to take tangible steps to ensure the information’s security. This means the EU sees any organization that uses EU citizens’ data of any kind, responsible to protect it, whether the organization is headquartered inside EU territory or not. It will, of course, affect the way global corporations handle consumer data encryption, but in even more basic terms, it will affect what kind of information is permitted to be stored and passed along to other users.”

This report takes a look at the healthcare industry and seeks to provide insight into the cyber security issues that remain in that industry.

From the report, “On November 26th, Slovakian Anonymous leader ‘Abaddon’ posted in the deep web message board ‘Hidden Answers’, looking to recruit accomplices for an operation targeting NATO and EU websites. The proposed attacks would potentially arrive by means of XSS (cross-site scripting), SQL injection, or a combination of both. And by DDoS (distributed denial of service), a type of attack that is intended to make an online resource unavailable to its legitimate users by overwhelming it with traffic. It is not yet clear what the motives for the operation are, or what the official name will be.”

This report offers insight into forged documents online. And how they are traded and used to commit identity fraud or evade authorities.

This is a threat focus report on Drupalgeddon2

This report offers insight into fraud in the gaming industry beginning with stolen credit cards being used with Fortnite.

Recently, cybercriminals have managed to redirect web-based crypto-wallet DNS queries to a malicious mirror website. By doing so, they were able to steal $17m in Ethereum. The hackers pulled off a BGP (Border Gateway Protocol) hijacking attack on the website’s DNS service host, causing it to receive a false IP address and direct users to a phishing website. As a result, the users became victims of the attack, losing their stored wallet’s crypto-currency.