From the report, “During the past six months, Carbon Black looked into the dark web to determine how cryptocurrency malware is being bought and sold, fostering a burgeoning economy designed to pilfer some of the most popular cryptocurrencies on the market.”

With hundreds of thousands of implementations across the globe, Enterprise Resource Planning (ERP) applications are supporting the most critical business processes for the biggest organizations in the world. This report is the result of joint research performed by Digital Shadows and Onapsis, aimed to provide insights into how the threat landscape has been evolving over time for ERP applications. We have concentrated our efforts on the two most widely-adopted solutions across the large enterprise segment, SAP and Oracle E-Business Suite, focusing on the risks and threats organizations should care about.

When law enforcement announced the seizure of AlphaBay in July 2017, the United States Attorney General Jeff Sessions described the operation as: “one of the most important criminal investigations of the year…because of this operation, the American people are safer – safer from the threat of identity fraud and malware, and safer from deadly drugs.” 1 The timing and coordination of the law enforcement operation, known as Operation Bayonet, was a clear success and has contributed to multiple subsequent arrests.2 Almost one year later, the marketplace model appears to be in decline, but the risks to businesses and consumers have not subsided. Instead, this paper demonstrates that cybercriminals have taken to incorporating new processes, technologies, and communication methods to continue their activities.

This e-book provides good insight into understanding cyber crime.

The current environment for doing business forces business leaders to face an expanding attack surface, more sophisticated threats and threat actors, and mounting regulatory compliance. These factors are creating a perfect storm that puts your organization and your customers at risk. Now is the time to act. As a Board member or executive, it is not only your goal, but your responsibility to shareholders to protect their interests. The threat to your bottom line from a single incident are significant but a digital risk management strategy can help.

This report offers a helpful look at Mobile Banking Trojans.

A trade war with China. A fragile agreement with North Korea. A growing fear of Russian hackers. Ahead of the 2018 U.S. midterm congressional elections, geopolitical conflict continues to play out in cyberspace.

This blog post takes a look at APT29 Domain Fronting with Tor.

This simple little report takes a look at a survey conducted among 11,417 Avast users worldwide, Avast gauged people’s views regarding the value of their data stored in online accounts like email, shopping and social networking sites, and their habits when it comes to protecting their data. The results show that, while many respondents view their data as having actual financial value, they aren’t taking proper measures when affected by a data breach.

This report helps detail the importance of monitoring suspicious domain registrations to protect a brand from being destroyed by cyber criminals.

While the use of the dark web as facilitators for illicit drug trade has increasingly been the subject of research by a number of academics, little has been done to conduct a systematic investigation of the role of the dark web in relation to the illegal arms trade, drawing on the insights offered by primary data. To address this gap, and with a view to support- ing policy and decision makers, RAND Europe and the University of Manchester designed this research project.

Aaron Higbee, Co-founder and CTO, PhishMe, (now CoFense) discusses the future of phishing defence and asks which side of the fence the future of defence against phishing attacks lies: human or machine?

This paper seeks to help mitigate serious crimes related to mobile security and credential fraud.

Notable declines in darknet exposure among black hat exhibitors, but does a risky darkint score correlate to share price performance?

This report aims to investigate the role of the Internet in facilitating drugs trade. It is commissioned by the Research and Documentation Centre (Wetenschappelijk Onderzoek- en Documentatiecentrum, WODC), the independent research arm of the Ministry of Security and Justice in the Netherlands. Special attention will therefore be paid to the role of Dutch actors in facilitating this trade.

This paper discusses the How and Why the Dark Web Marketplace for Ransomware Is Growing at a Rate of More Than 2,500% Per Year

Shap Security has a unique position to talk about credtial spills. This paper provides a breakdown of their experiences with the credential spill issues of 2017.

This book provides excellent research and an in-depth study of cybercrime criminals and money.

From the report, “AED is an acronym we‘ve coined, short for “Acquire, Enrich, Detect.” It describes the process we use internally to collect threat intelligence and actualize our ability to identify when networks are under attack. We do this in the shortest possible time, with the highest degree of confidence, by looking ONLY at the raw network traffic.”

Trend Micro researchers’ in-depth explorations of the cybercriminal underworld— from Germany1, Brazil2, Japan3, North America4, and China5 to Russia6—have shown how financial gain motivates the way malware, crimeware, personally identifiable information (PII), and stolen commodities change hands. While their marketplaces are profit-driven and focused on flaunting their wares, we observed that the Middle Eastern and North African (MENA) underground was somewhat different with its ironic mix of ideology and felony.

This report is the result of joint research performed by Digital Shadows and Onapsis, aimed to provide insights into how the threat landscape has been evolving over time for ERP applications.