Robert Lemos

While many groups linked to nation states have conducted cyber-espionage operations against other countries and their industries, a study finding that Iranian hackers had allegedly infiltrated the networks of global critical infrastructure firms has caused concern among security experts. Dubbed Operation Cleaver, the widespread attacks have affected educational institutions, airports and airlines, government agencies and […]

Software vulnerabilities are quickly exploited by cyber-criminals and online spies, typically giving defenders less than eight days to patch, according to a study of some 188 exploited software vulnerabilities by data analysis firm Recorded Future. The study used automated data collection to gather information from the National Vulnerability Database, vulnerability reports, and software-update bulletins. Using […]

In 2013, the leak of classified U.S. government documents caused immediate repercussions both diplomatically and politically in many countries, especially for United States citizens, but public perceptions have taken longer to shift. Yet shift they have. A year later, citizens are concerned that they lack privacy online and have grown more wary of corporate data […]

An analysis of three complex cyber-operations—all allegedly conducted by Russian-sponsored groups—has found signs of the underlying espionage organizations involved in the attacks, according to an analysis by data-intelligence firm Recorded Future. The meta-analysis—which focused on three espionage campaigns known as Uroburos, Energetic Bear and APT28—collected reports and research published by security firms and news agencies, […]

Online spies using an espionage platform, known as Regin, have had significant success at infiltrating systems in Russia, Saudi Arabia and other countries, without leaving much trace, according to antivirus firms. Since at least 2008, and perhaps as early as 2003, unknown adversaries have used the Regin platform to create multi-stage malware attacks that have […]

The discovery of a Website that displays links to more than 10,000 insecure Internet-connected cameras has quickly led to calls to take down the site, while largely turning a blind eye to the more pernicious problems of poorly secured Web devices. On Nov. 20, the United Kingdom’s top privacy protector, the Information Commissioner’s Office, highlighted […]

Despite a year’s worth of major security breaches, retailers continue to be compromised by opportunistic malware, suggesting that the security of their networks and data has failed to improve and may have even worsened, according to data collected by security-ratings firm BitSight. The research, released on Nov. 18, found that 58 percent of a group […]

As part of attempts to gather financial information from customers, cyber-criminals are reserving phone numbers that are similar to the contact numbers of banks, credit unions and other financial institutions, according to security firm Pindrop Security. In a study of phone numbers for some 600 institutions, the company found close variants used in fraud against […]

A study of the ZeroAccess botnet and its ability to use fraudulent advertising clicks to generate revenue demonstrates that online ad networks have insufficient countermeasures to combat the cyber-criminals who abuse them, a group of nine academic researchers concluded. The research focused on ZeroAccess as perhaps the best known click-fraud botnet. Click fraud uses compromised […]

A long-term study of the infrastructure used to poison search engine results has found that fraudsters quickly adapt to countermeasures aimed at preventing the manipulation of search results and that fraudulent links dominate the results for certain search subjects, such as pharmaceuticals. The four-year academic study, conducted by a team of three researchers from Carnegie […]