News, blogs, analysis, tips, discussion and how-to about cybercrime.

News analysis

Federal CIOs Moving Cybersecurity Beyond Compliance

The evolving nature of cyberattacks demands a more dynamic response, according to government CIOs making an effort to implement real-time, continuous monitoring and reporting for security issues. Full Story »
Top Line Interview

How a Cyber Cop Patrols the Underworld of Ecommerce

Melissa Andrews, a resident of Canada, is a cyber security "cop" for Payza, an international e-commerce payment platform operating in 97 countries. Her job, described by the company's public relations firm as "the worst security job on the Internet," is to protect the public from illegal, and many times revolting, content, by shutting the sites down and alerting authorities about criminal activity. She spoke with CSO this week about her job and why she is proud of what she does.


Big Bucks Going to Universities to Solve Pressing Cybersecurity Issues

During a week in which everyone seemed to be searching for answers amid revelations of the Heartbleed bug, several universities and their partners announced new efforts to explore IT security advances.


XPocalypse Now: Security Experts Size Up the Cyberthreats

What's the worst that could happen when Microsoft ends Windows XP support? Do you really want to find out?

Advice & Opinion

Resurrection of Full Disclosure Mailing List is Great News, if You're Not a Cyberthief

The hardest thing to get large companies to do is to share sensitive corporate information with direct rivals. A very close second to that is to get them to talk about a security attack they just suffered. But that double reticence provides a favorable business climate for cyberthieves.


Data Breaches Eroding Usefulness of Personal Identification, Argues New Analysis

The number of personal records compromised by data breaches has reached such proportions that once important identifiers such as U.S. social security numbers could soon stop being a reliable way of authenticating people, a new analysis by NSS Labs has suggested.


Patch Management Flubs Facilitate Cybercrime

Failures in patch management of vulnerable systems have been a key enabler of cybercrime, according to the conclusions reached in Solutionary's annual Global Threat Intelligence Report out today, saying it sees botnet attacks as the biggest single threat.

News analysis

Microsoft Returns to Scare Tactic Well in Dump-XP Campaign

Microsoft yesterday pulled out the big guns -- a fear-of-God approach -- to scare users into dumping Windows XP, telling them that the most popular tasks done on a PC will put them in the crosshairs of cybercriminals.


Cybercrime Trends Point to Greater Sophistication, Stealthier Malware, More Encryption

A sobering think-tank report on the evolution of cybercrime and the supporting marketplaces on the dark side of the Internet depicts a criminal complex growing more sophisticated in software tools and its ability to hide from law enforcement.


ATM Malware, Controlled By a Text Message, Spews Cash

A group of enterprising cybercriminals have figured out how to get cash from a certain type of ATM -- by text message.


Researchers Discover Credential-Stealing Unix-based Server Botnet

Cybercriminals are using sophisticated malware in compromising thousands of Unix-based servers to spew spam and redirect a half million Web users to malicious content per day, a security firm reported.


Cyberattacks Could Paralyze U.S., Former Defense Chief Warns

As the U.S. Secretary of Defense, Leon Panetta delivered strong warnings about the risks of cyberattacks on the country. His conviction that a possible "cyber Pearl Harbor" may be looming has not tempered since leaving the post last year.


Criminals on Tor is the Price of Global Liberty

Research pointing to rising criminality on Tor shows the cost of having a network that provides anonymity to whistleblowers, journalists, political dissidents and others trying to avoid government surveillance.


Cyberlocker's Success Will Fuel Future Copycats

Nothing spurs malware development like success and that's likely to be the case in the coming months with ransomware.

News analysis

Target CIO Resignation Puts Retail CIOs on Alert

As Beth Jacob's resignation from Target shows, retail CIOs are culpable for security breaches even though they might not have the resources in-house to protect the company.