Cryptocurrency money laundering is increasing dramatically, being already three times greater than in 2017. And we're only half way through the year, observes Dave Jevans, Founder and CEO of CipherTrace, and chairman of the Anti-Phishing Working Group.
Numerous technology firms now offer facial biometrics recognition search tools for big data sets. But information security expert Alan Woodward warns that these big data sets must be "considered and regulated very heavily" or else we'll be "living in 1984 without knowing it."
Security experts warn that hackers could one day make use of machine learning and AI to make their attacks more effective. Thankfully, says Cybereason's Ross Rustici, that doesn't appear to have happened yet, although network-penetration attacks are getting more automated than ever.
Facebook has responded to more than 2,000 questions posed by U.S. Senate and House committees with 747 pages of answers, which reveal that Facebook was still been providing special access to user data to dozens of companies, six months after it says it had stopped doing so in 2015.
Old technology never dies, but rather fades "very slowly" away, as evidenced by there being 21 million FTP servers still in use, says Rapid7's Tod Beardsley. Rapid7's scans of the internet have also revealed a worrying number of internet-exposed databases, memcached servers and poorly secured VoIP devices.
What are hot cybersecurity topics in Scotland? The "International Conference on Big Data in Cyber Security" in Edinburgh focused on everything from securing the internet of things the rise of CEO fraud to the origins of "cyber" and how to conduct digital forensic investigations on cloud servers.
"This is not a crazy state; this is a rational state pursuing rational objectives." So said Robert Hannigan, former head of Britain's GCHQ intelligence service, when describing North Korea in a wide-ranging talk at the Infosecurity Europe conference that also touched on Russian hacking and cybercrime.
Reality Leigh Winner, 26, a former contractor for the NSA, has pleaded guilty to leaking a "top secret" five page document that describes Russian meddling with U.S. voting systems. She's agreed to a plea deal that calls for her to serve a 63-months prison sentence.
Many phishing campaigns are very targeted against specific types of users inside an organization, says Ironscale's Brendon Rod, who notes that "70 percent of attacks are targeting just 10 mailboxes or less and around 30 percent are just targeting one mailbox."
Attackers continue to shift their tactics to help evade improvements in defenses, says Rick McElroy, security strategist for Carbon Black. Recent trends include fileless attacks, shifting from PowerShell to WMI, plus cryptojacking and credential harvesting.
Leading the latest edition of the ISMG Security Report: A preview of next week's Fraud and Breach Summit in Chicago, which will feature keynoter Brett Johnson, a former cybercriminal who now advises organizations on fighting crime.
Just one click: That's all it takes for a victim to inadvertently grant attackers access to their email account via a third-party application. Here's how to spot signs of OAuth-related hacking and how to defend against it.
We need to talk about ransomware, says James Lyne, global research adviser at Sophos: "It's not the big, sexy security topic that it once was, but there's some really interesting evolution in their tactics." Lyne rounds up the latest tactics and describes how machine learning is offering new defensive hope.