Cybercriminals continue to target the cryptocurrency industry, this time with an exploit that affected the Balancer decentralized finance platform, with total losses exceeding $100 million and involving several exchanges that use the software across

I recently came across a victim’s story, in how she was scammed online and ultimately lost all her cryptocurrency.  In reading the story, and extrapolating from my four decades of working against criminals, I wanted to pass on some digital security t

As cryptocurrency becomes more popular and the adoption rises, we see a related increase in the number of cybercrimes, fraud, and malware schemes. Criminals like to hunt and plunder where there is money! If you hold cryptocurrency or are using Web3 p

This is how you handle cybercrime digital extortion! Coinbase was compromised by trusted 3rd party partners, which exposed customer data — but customer keys to their assets were still safe. The cyber criminals then attempted to extort $20 million fro

More attacks targeting cryptocurrency users. Microsoft has identified a new Remote Access Trojan, named StilachiRAT, that has sophisticated capabilities to remain stealthy and persistent so it can harvest crypto wallet credentials via web browsers.

Th

This may turn out to be the biggest #cryptocurrency hack in history! $1.5 BILLION. The details are sparse, but I am interested in the origins of this attack, especially if it was from a nation-state level attacker.

Apparently, it was the cold wallet t

Cybercriminals all over the world have leveraged this technology’s increased anonymity to buy and sell illegal goods, services, stolen data, underground infrastructure and force victims to pay ransom. While blockchain analysis enables researchers and

Two Cryptocurrency Exchanges were recently taken down by authorities. The PM2BTC and Cryptex sites were seized.

Video: https://youtube.com/shorts/wvRelrVSOcE

This is important for two reasons:

1. It disrupts illegal money laundering, in this case, hund

The decentralized finance (DeFi) and cryptocurrency industries are being targeted by North Korean social engineering schemes in highly personalized and convincing ways.

Here is an example that the FBI is showcasing:

1. A person from your dream company,

When cybersecurity researchers break the law, destroy their reputation, and make the bug-bounty research community look bad.

TL:DR Researchers found a vulnerability in a cryptocurrency exchange. They notified the company, but then exploited the bug to

New Cryptojacking Malware Breakdown - The GhostEngine cryptocurrency mining malware disables endpoint security protections, deletes logs, modifies the kernel, and digs-in to establish persistence.

It all begins with getting the victim machine to launc

One of the most impressive hacks ever! Such tremendous sophistication is the hallmark of Nation State level attackers. Truly epic, but should you be worried?

Some say no, as the attack is not currently widespread.
I say we should all be concerned wi

There are many approaches to conduct a strategic cybersecurity risks assessment.  This is one of my favorite ways, using a Threat Agent Risk Assessment (TARA) methodology. 

This paper was authored by Tim Casey, David Houlding, and I while we were at I

The cyber attacks on LastPass continue to be more invasive and damaging to its customers. Numerous security failures and poor leadership decisions have undermined this cybersecurity company’s reputation and sent its customers scrambling to protect t

US Treasury sanctions a cryptocurrency mixing site for supporting North Korean hackers who have been stealing hundreds of millions of dollars.  Blender.io is a virtual currency mixing site that obfuscates the origins of cryptocurrency coin transactio

Ransomware attacks and payments are increasing, with most revenue going to Russian attackers. It is time to revisit outlawing Ransomware payments.

Some stats to hammer the situation home:

Sophos ransomware report indicates:

- Ransom attacks are more fre

Norton recently announced its Anti-Virus product will have a new feature that enables mining of Ethereum cryptocurrency for their customers, if they choose to participate.  Is this a nice benefit for users or a reckless move to that increases overall

2022 will be a very tumultuous year for cybersecurity professionals. The underlying fundamentals that drive major shifts of the cybersecurity industry — technologies, threats, and economic factors, will introduce new risks and combine to significantl

A new tool is gaining popularity on the dark web which provides insights to users if their cryptocurrency activity might be flagged by authorities as potentially illicit. Such a tool can provide cybercriminals the intelligence necessary to stay under

There are 600 Million Differences Between Hackers and Cybercriminals…

An amazing story is emerging from a massive cryptocurrency exploitation that exemplifies the difference between a ‘hacker’ and a ‘cybercriminal’.

Interested in more cybersecurity i