published research

The tactics of cyber criminal hacking crews are indistinguishable from those of sophisticated, state sponsored "advanced persistent threat" groups, the firm FireEye said in its most recent M-Trends report.

Dark Markets do it better, surveying the Phishing underground and dissecting a Fancy Bear attack

In episode 69 of The Security Ledger podcast, we speak with Luca Allodi of The University of Eindhoven in The Netherlands about research on the functioning of dark markets. Also: DUO Security researched the trade in phishing toolkits – you’ll be surprised at what they learned. And we deconstruct a campaign against the citizen journalism website Bellingcat.com to understand how the Russian Group known as Fancy Bear works.

A breakdown of breaches by country. (Image courtesy of Gemalto.)

Report: 1.9b Records Lost in First Half of 2017, topping 2016

A survey of public data breaches has found a large increase in the number of records that have been stolen, lost or compromised in the first six months of 2017. The firm Gemalto said that the number of records caught up in breaches jumped 164% from the second half of 2016 and the first half 2017 to almost 2 billion lost records. That is more than the total number of records lost in all of 2016.  Gemalto said its latest data from the company’s Breach Level Index, a global database of public data breaches, indicates 918 data breaches led to 1.9 billion data records being compromised worldwide in the first half of 2017. Most of the leaked records came from just 22 large data breaches, each involving more than one million compromised records, the company said. How many records? Nobody knows. Even more worrying: of the 918 data breaches, the […]

Equifax said the breach of its network and theft of data on 140 million individuals has cost the company $87 million so far.

Inside the Equifax Hack, Facebook’s Problem with Authoritarianism & ASPertise harnesses Asperger’s Syndrome

Podcast: Play in new window | DownloadSubscribe: Android | RSS | MoreIn-brief: In this week’s podcast, Security Ledger Editor in Chief Paul Roberts talks with noted security researcher Robert “RSnake” Hansen about the data breach at Equifax and why the company’s response to it was so lacking. Also: Chris Sumner of the Online Privacy Foundation talks about why Facebook is a killer app for information operations and we talk to the president of ASPertise: a consulting firm by and of professionals with Aspergers and Autism spectrum disorders.