For people with responsibility for corporate security – everyone from CIOs to CISOs and CROs – AI presents two types of risk that change the nature of their jobs. The first is that criminals, bad state actors, unscrupulous competitors, and inside threats will manipulate their companies’ fledgling AI programs. The second risk is that attackers will use AI in a variety of ways to exploit vulnerabilities in their victims’ defenses. The question remains – which protects which?
Facebook has around 2.38 billion active users every month, 65% of which are on the platform on a daily basis and are sharing 4.75 billion pieces of content every day. That’s some statistics for you! Now let’s put it in context. How many of those 4.75 billion messages or photos do you think contain some form of malware? And how many of those 1.56 billion daily users do you think might have malicious intentions aimed at you or other Twitter users? We are all in danger everywhere – even in cyberspace – so we must be careful who we communicate with and how. To that end, we give you 4 steps to secure your Facebook account and protect yourself.
A noticeable shift in the methodology for developing malware is taking place, and it can’t go unaddressed. A few years ago, attackers’ primary objective was to avoid detection – second only to making a profit. But recently, these criminals have realized a critical truth: the longer they hold an infected endpoint, the more their profit increases.
Open Source software is always trustworthy, right? Last year, Bertus broke a story about a malicious Python package called “Colourama”. When used, it secretly installs a VBscript that watches the system clipboard for a Bitcoin address and replaces that address with a hardcoded one. Essentially this plugin attempts to redirects Bitcoin payments to whoever wrote the “colourama” library.
It’s no surprise that spending on security technology continues to soar. Nevertheless, data breaches and cyber attacks make headlines at an incredible rate, with no relief in sight. The Online Trust Alliance reported that attacks in 2017 came from a myriad of vectors, such as phishing and ransomware, and that the number of attacks doubled to nearly 160,000 incidents per year over 2016. What’s worse, estimates for the number of unreported attacks exceed 350,000 annually.
Insider threats are becoming ever-increasing and money-consuming, so it’s essential for companies to be as informed about which employees are prone to such excesses and why, as well as what kind of data they target and how. To that effect, paying attention to unusual behavior is of the utmost importance for keeping your company and all the sensitive data safe. Take a look at the warning signs that an insider might become a threat.
Employees conducting attacks on their own employees – known as insider threats – are becoming increasingly common and costly. According to a CA report, over 50% of organizations suffered an insider threat-based attack in the previous 12 months, while 25% say they are suffering attacks more frequently than in the previous year. 90% of those organizations claimed to feel vulnerable to insider threats.
In recent years, the most advanced hacking groups have been becoming bolder when conducting cyber attack campaigns, with the number of organizations targeted by the biggest campaigns rising by almost a third.
Log management is usually – and with good reason – implemented in order to analyze network security events for detecting intrusions and forensic purposes. That is – to see what happened only AFTER a cyber attack has taken place. Granted, it is pretty hard to detect cyber attacks, but we’ve moved away from the traditional cyber security requirements onto auditing and compliance as the reason behind employing cybersecurity measures, together with slowly accepting the importance of logging systems and application management. The purpose of introducing logging into an IT network notwithstanding, the process itself has 10 distinct steps we have prepared here for you to get acquainted with in order to help you protect your company from cybersecurity predators. So, let’s get to it!