Emerging Threats

Our musings on navigating the ever-evolving cyber & physical threat landscapes.

SDA Protocol Payment Cards Remain a Target for Cybercriminals

Despite the heralded security of chip-and-PIN payment cards that follow the EMV (Europay, Mastercard and Visa) standard, some EMV cards are still undermined by the continued use of the static data authentication (SDA) protocol. SDA is one of three protocols that can be used to authenticate transactions, along with dynamic data authentication (DDA) and combined […]

Assessing Threats to the Pyeongchang 2018 Winter Olympics

Olympic events are high-budget, high-profile convergences of elite athletes and global media organizations that tend to carry inherently geopolitical undertones. As such, they can be seen as appealing targets for various cyber and physical adversaries motivated by financial or political gain. The 2018 Winter Olympics in Pyeongchang, South Korea, are no exception, with the precarious […]

Tax Season is Prime Time for Business Email Compromise

February 15, 2018

Business Email Compromise (BEC) is somewhere north of a $5 billion annual global criminal enterprise, according to the FBI’s Internet Crime Complaint Center (IC3), dwarfing most other threats in terms of dollar losses, including ransomware and prolific banking malware such as GameOver Zeus. And right now, we’re in one of the criminals’ most lucrative periods […]

Targeted Attacks Against South Korean Entities May Have Been as Early as November 2017

On January 31, 2018, KrCERT/CC, the Republic of Korea’s (South Korea) Computer Emergency Response Team, released a notice regarding an Adobe Flash vulnerability, designated CVE-2018-4878. The notice stated that this zero-day vulnerability affects all versions of Adobe Flash Player ActiveX up to 28.0.0.137, which Adobe released on January 9, 2018. KrCERT/CC recommended uninstalling Flash Player […]

The Proliferation of Carded Purchases in the Spanish-Language Underground

January 25, 2018

Purchases made with compromised payment card information, known as compras among Spanish-speaking cybercriminals, are a frequent subject of chatter in Spanish-language Deep & Dark Web (DDW) communities. Since late 2015, fraudulent activity related to stolen card information has become increasingly pervasive across the Spanish-language underground, primarily originating from Latin America. Compras vendors can obtain compromised […]

Criminals Finding FinTech to Their Liking

Financial technology, or fintech, has banks on edge because of its potential to disrupt core means of doing business. Services are being delivered in ways unimaginable a decade ago, and technologies such as near-field communication, digital wallets, and other mobile-based payment and banking options are elevating many new players to heights previously reserved for a […]

International Bank Robberies Leverage Adjacent Properties for Unconventional Access Routes

At a time when much of the thinking about the security of financial institutions has shifted to cyber, it is important to remember that banks worldwide still face a range of physical threats. Flashpoint analysts have observed a recent spate of bank robberies that exhibit similar tactics, techniques, and procedures (TTPs) where the criminals leveraged […]

Trickbot Gang Evolves, Incorporates Account Checking Into Hybrid Attack Model

Individuals who reuse login credentials across multiple sites are more susceptible to account checking attacks, which occur when threat actors use credentials stolen from past database breaches or compromises to gain unauthorized access to other accounts belonging to the same victims. However, the process of mining compromised data for correct username and password combinations requires […]
