Our researcher describes how malware is disabling popular security plugins on compromised WordPress websites to conceal malicious behavior and evade detection.
Category: cybercrime/malcode – Page 162
The promise of artificial intelligence for cybersecurity is that it will free security professionals at government agencies from menial tasks and allow them to focus on threat hunting and higher-level work. Another benefit that might get lost in the shuffle, but is no less important, is that automation in cybersecurity can actually lead to enhanced security for agencies.
Five governments are testing that proposition. Last month, the states of Arizona, Louisiana, Massachusetts and Texas, along with Maricopa County, Ariz., announced a partnership with the Multi-State Information Sharing and Analysis Center and the Johns Hopkins Applied Physics Laboratory (APL) to pilot a cybersecurity automation program.
The agencies will be using security orchestration, automation and response (SOAR) tools, which “enable organizations to collect security-threat data through multiple sources and perform triage response actions significantly faster than with manual processes,” according to a Johns Hopkins press release. The hope is that it will enable the agencies to “quickly and broadly share information — in near real time — and leverage automation to prevent or respond to cyberattacks,” the release states.
Public-private partnerships have been central to the development of cybersecurity over the past decade, through the sharing of threat information between commercial organizations and historically secretive government agencies. The opportunity now exists for a new era of public-private partnership, for a new realm of information sharing.
Cyberattacks continue to be reported as a key business risk. In the recent World Economic Forum’s Regional Risks for Doing Business 2019 report, survey respondents in six of the world’s 10-largest economies identified cyberattacks as their number one risk.
However, as distinct from other risks such as fiscal crises or energy price shocks, cyberattacks have a clear mitigation: cybersecurity. Yet despite a decade of rising spending, respondents do not have confidence in their ability to deliver sufficiently strong cybersecurity to mitigate the risk. Why is this?
As cybercrime is becoming more lucrative and more automated, we’re going to have to depend on automated defenses on the other side.
This is an article from 2014, but it’s interesting — especially for why phishing emails are so lame. Money quote:
‘The answer is that the implausibility is a useful tool for the scammers. An entirely believable email would get millions of people falling for the bait – most of whom would catch on later when the scammers started requesting private banking details. This way, the fraudsters can avoid wasting their time on no-hopers, knowing that any replies they do receive are … See More.
Maybe your bank wants you to update your password; maybe a new Facebook friend wants to show you a funny web page. Maybe a Nigerian lawyer wants to pass on a legacy from a long-lost relative.
What all of these people are really after, of course, are your password, bank details and, ultimately money. Such phishing scams, says Microsoft, are costing the world as much as $5bn a year. For some reason, the UK is a favourite hunting ground for the phishers: here, says security firm Proofpoint, unsolicited email is almost three times more likely to contain a malicious link than in the US.
But who falls for these scams? Well, you do. While it’s easy to assume that only the technologically illiterate will be vulnerable, new research shows that in fact the reverse is true.
New research shows how the next generation of ultra-secure communication could be possible with existing infrastructure.
Amanda Christensen, ideaXme guest contributor, fake news and deepfake researcher and Marketing Manager at Cubaka, interviews Dan Mapes, PhD, MBA co-founder of VERSES.io and co-author of The Spatial Web: How Web 3.0 Will Connect Humans, Machines, and AI to Transform the World.
Amanda Christensen Comments:
We’ve come a long way since the invention of the internet, and even further since the invention of the first computer, which together have undeniably significantly facilitated everyday life. We have never had access to more information at the touch of our fingers, or been more connected than we are now.
However, the exponential advancement of the internet has brought along with it a whole host of problems, such as the rampant spread of fake news, deep fake technology, significant data breaches, and hacking, to name a few.
The further advancement of the internet, and particularly AI, is inevitable, as the full potential of their capabilities are far from being reached. But how do we advance in a way that both further optimises our lives but simultaneously protects us from further misuse?
The Spatial Web
At the same time, the NCSC had to help government and public-sector organisations deal with the sudden increased dependence on technology, whether in the cabinet meeting over video link or the government sending out genuine text messages to the entire public.
The departing head of the National Cyber Security Centre reflects on the threats he has faced.
The Emotet botnet has begun to use a new template for their malicious attachments, and it is just as dangerous as ever.
After a five-month “vacation,” the Emotet malware returned in July 2020 and began to spew massive amounts of malicious spam worldwide.
The bug, now fixed, could be abused to steal sensitive and private data from other apps.