The ThreatMetrix European Cybercrime Report: Q1 2018 is based on actual cybercrime attacks from January – March 2018 that were detected by the ThreatMetrix Digital Identity Network (The Network) during real-time analysis and interdiction of fraudulent online payments, logins and new account applications.

This report from ThreatMetrix compiles their 2017 Cybercrime report in such a way that they offer unique insight into the travel and entertainment industry and how cybercrime is impacting that arena.

Using intelligence from the ThreatMetrix Digital Identity Network, gaming and gambling companies can accurately differentiate between responsible users and problem gamblers / fraudsters in real time.

In this new research report, Farsight Security set out to determine the prevalence and distribution of IDN homographs across the Internet. We examined 100M IDN resolutions over a 12-month period with a focus on over 450 top global brands across 11 sectors including finance, retail, and technology.

This paper offers insight into QR code usage and user interest and suggests that organizations should take time to consider and familiarize themselves with the potential security ramifications.

This report offers insight into the German DAX 100 Threat Horizon.

From the report, “Fraud from stolen identities or cyber attacks/hacking were the types of fraud most concerning to fraud mitigation professionals.” Read on to discover more.

In this report, they provide an overview of current vulnerability disclosure trends and insights into real-world vulnerability demographics in enterprise environments. they analyze vulnerability prevalence in the wild, based on the number of affected enterprises, to highlight vulnerabilities that security practitioners are dealing with in practice - not just in theory.

Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware, including 11 new, unreported applications. We also discovered and analyzed live, misconfigured malicious command and control servers (C2), from which we were able to identify how the attacker gets new, infected apps to secretly install and the types of activities they are monitoring. In addition, we uncovered the IMEIs of the targeted individuals (IMEIs will not be shared publicly for the privacy and safety of the victims) as well as the types of exfiltrated content.

This report provides new insights into the Shamoon 2.0 and StoneDrill attacks, including: 1. The discovery techniques and strategies we used for Shamoon and StoneDrill. 2. Details on the ransomware functionality found in Shamoon 2.0. This functionality is currently inactive but could be used in future attacks. 3. Details on the newly found StoneDrill functions, including its destructive capabilities (even with limited user privileges). 4. Details on the similarities between malware styles and malware components’ source code found in Shamoon, StoneDrill and NewsBeef.

This post regards the following event - “Around July last year, more than a 100 Israeli servicemen were hit by a cunning threat actor. The attack compromised their devices and exfiltrated data to the attackers’ command and control server. In addition, the compromised devices were pushed Trojan updates, which allowed the attackers to extend their capabilities. The operation remains active at the time of writing this post, with attacks reported as recently as February 2017.”

The post contains Analysis on a wave of attacks targeting banks as well as the falsified origins of said attacks.

This paper cites a Dimensional Research survey of 250 IT security professionals in financial services organizations located in the U.S., U.K., Germany, France and Australia. The survey examines the challenges faced by the financial services industry in managing certificates, and the results illustrate the importance of incorporating CA-agility into a certificate management strategy. The survey also explores the federal government and other industries, including healthcare, retail and technology.

This paper analyzes a cleanup app that is actually malicious.

This paper tries to answer the question, “What does the general public know about data privacy?”

The research department at TopSpin Security conducted an experiment to investigate the performance of deception technologies in a simulated corporate environment in which more than 50 professional hackers and security experts used their knowledge and skills to try to extract a pre-defined piece of data and stay undetected. The experiment sought to answer a number of questions, including: 1) What kind of attacker will be attracted to what different type of resources (traps)? 2) What deception mechanisms should the defending organization employ? 3) Where should they be placed? 4) What kind of traps should be used Every attack pattern was carefully monitored and upon completion the data logged was analyzed and aggregated. Trends, attack patterns and statistics were derived from the data logged.

SophosLabs takes a specific look at threats being downloaded on GooglePlay that mine a mobile phone’s resources while searching for cryptocurrency.

Read about the threat outlook for aerospace and defense sectors as threat groups seek to gain military and economic advantages.

This is the 22nd edition of the Microsoft Security Intelligence Report. In this report, they have organized data sets into two categories, cloud and endpoint. They are sharing data about a shorter time period, one quarter.

This document discusses the vulnerabilities discovered by edgescanTM over the past year – 2015. The vulnerabilities discovered are a result of providing continuous vulnerability management to a wide range of client verticals; from Small Businesses to Global Enterprises; Telecoms & Media, Software Development, Gaming, Energy and Medical organizations.

The Annual Cybersecurity Report highlights the relentless push-and-pull dynamic between cyber attackers and cyber defenders. It is intended to help organizations respond effectively to today’s rapidly evolving and sophisticated threats.