• Cybercrime tactics & techniques Q2 2018
    A generally slow quarter reflects an overall lull in cybercrime, picking up where Q1 left off with cryptominers continuing to dominate, ransomware continuing to evolve through experimentation, and exploits making a small but significant comeback. In nearly every malware category for both business and consumer detections, we saw a decrease in volume, corroborating our general “Dang, it’s been a little too quiet in here” sentiments since starting the new year. Malwarebytes’ top two consumer detections continue to be adware and cryptomining, respectively, while miners took over the number one spot for business detections in Q2. Meanwhile, backdoors shot up on both the consumer and business side, with consumer detections increasing by 442 percent. As we’ve done for the last several quarterly reports, we combined intel and statistics gathered from April through June 2018 from our Intelligence, Research, and Data Science teams with telemetry from both our consumer and business products, which are deployed on millions of machines.
  • Cybersecurity's Human-Machine Paradox
    When it comes to the coming machine takeover of millions of human jobs (a recent study found that, by 2030, 75 to 375 million workers will need to switch occupational categories due to automation), cybersecurity practitioners are in a tough spot. On the other hand, that kind of progress raises a question: Will today’s human cybersecurity jobs be the domain of machines in 2030? And here lies the paradox: We’re tuning the machines to gradually do security on their own, yet by doing so, we’re reducing (or changing) the value we as humans bring to the equation. As machines become more capable, what jobs and skills remain uniquely human? Machines aren’t replacing humans in cybersecurity, but rather displacing them—pushing them to evolve their skills and take on jobs that serve as important enablers to the machines. While machines might support them, these jobs rely on innately human skills centered on the “Four Cs”: critical thinking, communication, collaboration, and creativity.
  • Solving the cybersecurity dilemma
    Every federal agency is trying to solve the cybersecurity dilemma – how to operate in the modern world of the internet of things, mobile, and the cloud while protecting data. Forcepoint has been serving commercial and federal clients for years. Even if artificial intelligence and machine learning are implemented, sooner or later the volume of attacks will overwhelm a person’s ability to manage. In July, the Air Force had an unpatched router, allowing a malicious actor to breach the system and copy maintenance manuals for a Reaper Drone. He suggests that stronger controls for allowing access to information, like maintenance manuals, may be a better way to protect data. He suggests that a system can understand a person’s intent.
  • Decentralization Helps Us Reimagine Employee Workstation Access
    In theory, an enterprise-ready authentication solution should be responsive to the security and usability goals the enterprise sets for employee workstation access. The missing link to achieving the goal of a secure, seamless employee workstation access system that requires no special hardware, increases security and markedly enhances usability — yes, even for the forgotten person inside the enterprise — is to leverage mobile devices for access across all systems and environments. This is done through the enterprise bringing employee-owned or company-deployed mobile devices to the next level through decentralized authentication. Simply put, an employee should be logging into her or his workstation using their mobile device as a secure digital key into all devices, apps and environments. Going further, identity and access management (IAM) teams at the enterprise also have a combination of different authentication factors on which to rely for users: inherence (biometrics), possession (mobile device) and knowledge (PIN).
  • Insider threat management firm ObserveIT raises $33 million
    JERUSALEM (Reuters) - ObserveIT, a provider of insider threat management software, said on Tuesday it raised $33 million in a private funding round with participation from Bain Capital Ventures and Spring Lake Equity Partners. NightDragon Security, the cybersecurity investment firm founded by industry veteran Dave DeWalt, also participated. The funding will be used to accelerate product innovation and to expand the sales and marketing teams to support the company’s global growth. ObserveIT, founded in 2007 by two Israelis, said that in the past year the company increased customer deals by 185 percent while new customer deal size grew by more than 250 percent. “Whether accidental or malicious, insider threats are increasing in both frequency and cost,” said Mike McKee, CEO of ObserveIT. The firm, which employs 150 people, is based in Boston and has its main research and development center in Israel.
  • Disclosing trade secrets increases risk of cyberattack, study finds
    U.S. firms that disclosed the existence of trade secrets have a significantly higher probability of becoming targets of hackers, according to a new study led by a University of Kansas accounting professor. They found that occurrences of cyberbreaches are positively associated with U.S. firms' disclosures of the existence of trade secrets—without divulging specifics of the actual secrets—in Form 10-K filings with the U.S. Securities and Exchange Commission. "We think our results suggest that managers of younger firms, those having fewer employees and those operating in less concentrated industries should be more careful with respect to their disclosure policies." Managers might disclose the existence of trade secrets to persuade investors that their companies have novel products and competitive advantages. There is no SEC rule that requires companies to disclose whether they have trade secrets, and the researchers don't believe they should be required to do so, he said, but their findings do give companies the ability to make a more informed decision on how to handle the disclosures.
  • Security Instrumentation Firm Verodin Raises $21 Million
    Verodin, a Virginia-based company that helps organizations assess the effectiveness of their cybersecurity controls, on Tuesday announced that it has raised $21 million in a Series B funding round. The latest funding round brings the total raised by Verodin to $34 million. The company secured $10 million in a Series A funding round in June 2016. While the Series B round was officially announced only on Tuesday, the funding was actually revealed in late June when a SEC filing showed that the company had raised roughly $20.7 million from 14 investors.
  • Downward Trend in Healthcare Ransomware Attacks May be Temporary
    Cryptonite believes that one of the reasons for the decline in ransomware is general improvements in healthcare security. It is the potential weaponization of AI to support ransomware that Cryptonite feels might fuel a resurgence of ransomware attacks over the next year. In the meantime, Britton White, security & HIPAA compliance advisor at Fortified Health Security, fears that any reported decline in ransomware is likely to give a false sense of optimism -- and potentially lead healthcare organizations to relax their vigilance. While the number of ransomware attacks has decreased over last year, the number of breached patient records has grown from 1,767,955 in the second half of 2017 to 1,928,432 in the first half of 2018 -- an increase of 9.08%. How many healthcare organizations haven't reported being hit with ransomware?
  • Europol and Israel sign arrangement to tackle cross-border crime
    Israel’s National Police Commissioner, Inspector General Ronen Alsheich and Europol’s Executive Director, Catherine De Bolle, today signed a working arrangement to expand cooperation to combat cross-border criminal activity. The signature concludes successful negotiations between Europol and Israel on how to effectively join forces to fight serious and organised crime. After entry into force of the agreement, this new level of cooperation will be important for tackling priority crime areas affecting both the European Union (EU) and Israel, such as fraud, cybercrime and terrorism. Investigations in the EU have occasionally established links to Israel in the field of financial crime. Catherine De Bolle, Executive Director of Europol, said: "Today, I am signing the first ever Europol working arrangement between Europol and a non-EU country.
  • Charitable Hackers Collaborate in Deep Web Forums
    Now Ziv Mador, VP of security research at Trustwave, has given SecurityWeek more details of a well-organized charitable element found in numerous deep web forums. In the English-speaking forum, charitable donations tended to be from individuals. "Anyone can become a modern Robin Hood" one hacker posted to the forum. So, if a child needs some medication or surgery and the parents cannot pay for it, they can submit a request for support with supporting documents -- and there is a very specific post in one of the underground forums specifying exactly what documents are needed to get support from the forum." One forum promises to donate half the money it collects to the charitable work. "In one of the forums," said Mador, "it was suggested that since this charitable work takes time and effort, it needed a manager to manage the whole process.