Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports from open sources.
GameOver Zeus (GOZ) is a direct descendant of the Zeus Trojan and has plagued financial institutions and their customers for years, stealing more than $100 million. Earlier in the week, the FBI announced a coordinated takedown effort to disrupt the GOZ botnet and the cybercrime operation behind it.
- Can I drop a pacemaker 0day? (Errata Security)
Robert Graham of Errata poses a vulnerability disclosure question for which there isn't an easy answer. With practically everything from cars to implants having connectivity, how does the security research community ensure that unresponsive manufacturers fix easily discovered, life-endangering vulnerabilities without disclosing the vulnerability and endangering lives?
- Peek Inside a Professional Carding Shop (KrebsonSecurity)
Where does your credit card data go after it's been stolen? There's a good chance it ends up for sale in a carding shop. Brian Krebs shows how a major carding shop packages and sells stolen card data in its online marketplace.
- The danger of the latest NTP attacks (Arbor Networks)
NTP amplification DDoS attacks have become a weapon of choice because they allow cybercriminals to launch massive attacks with far fewer resources. Arbor Networks does a good job of explaining why these attacks shouldn't be taken lightly.