In businesses around the world, 2018 showed us that cyber security vulnerabilities continue to grow and evolve. The business impact and complexity of managing cyber security is increasing dramatically, as is the need to justify cyber security investments and provide reporting relevant to the business to prove the value of those investments.
Advances in technology like artificial intelligence and machine learning accelerate the pace of new, data-driven solutions, but this can be a dual-edged sword as bad actors can leverage them into more sophisticated attacks on companies that are just trying to stay abreast of current threats.
Read about the cybersecurity predictions for 2019 by Adrian Nish, Head of Threat Intelligence at BAE Systems, on BAE Systems.
Saying it was “welcoming 2019 with open arms and a big announcement,” the Dark Overlord hacker group Monday threatened via a Pastebin post to release files it said were nicked from a law firm – believed to have advised insurer Hiscox Syndicares Ltd. – that handled September 11-related cases.
Information pilfered includes “emails, retainer agreements, non-disclosure agreements, settlements, litigation strategies, liability analysis, defence formations, collection of expert witness testimonies, testimonies, communications with government officials in countries all over the world, voice mails, dealings with the FBI, USDOJ, DOD, and more, confidential communications, and so much more,” the group wrote.
According to the Cryptocurrency Anti-Money Laundering Report from Ciphertrace some $927 million has been stolen from cryptocurrency exchanges in the first three quarters of 2018 alone. That total will almost certainly have hit, if not smashed straight through, the $1 billion mark by now. So, who were the hackers behind the heists and how did they get away with it?
The how remains sadly predictable throughout the year; exploiting vulnerabilities in crypto wallet software and servers, social engineering / password compromises and insider theft. The who covers equally predictable territory with lone wolf criminal opportunists at the lower end of scale through to well-resourced nation-state actors at the other.
Read more about cryptocurrency theft in 2018 on Forbes.
Bitcoin, Ripple. Ethereum. Monero. BTC, XRP, ETH, and XMR. The names, the jargon, the stream of white papers that proclaim the infinite possibilities of the blockchain, the startups, token sales — also known as Initial Coin Offerings (ICOs) — all culminated in an explosion of interest in virtual currency at the end of 2017.
Unfortunately, the cryptocurrency market was rife with ICO fraud and exit scams last year, as well as with coin thefts from both wallets and exchanges. Little seems to have changed — except that attacks are becoming more novel and malware appears to be becoming a more prevalent threat.
Read about this year’s biggest cryptocurrency disasters and attacks on ZDNet.
Emails are going around that may make you think you won a free 2018 BMW 2 Series M240i for the holidays, but the reality is that you just received a scam email that is trying to gather your personal information.
A scam email campaign is underway that states you won a new car through a BMW Lottery. These scam emails will have subject lines similar to “Claim Your Car and Check With your Winning Code”.
Next year could see cybercrime’s total cost to the world economy rise to more than $2 trillion. We’ll inevitably see new threats emerge and existing threats grow more sophisticated too.
A new infographic by solicitors Cartrwight King sets out some facts and stats about this burgeoning problem, including the states cybercriminals typically hail from and how government’s around the world have punished those caught (though of course few are caught).
The cybersecurity threat continues to worsen. In the first half of 2018, the number of cyber breaches soared over 140% from a year earlier, leading to 33 billion compromised data records worldwide, reports Gemalto, an international data security company.
Small and medium-sized businesses (SMBs) are increasingly targeted and many are realising that they are viewed as attractive a target as the larger companies. Cisco’s 2018 SMB Cybersecurity Report found that 53% of mid-market companies in 26 countries experienced a breach.
Read more about the growing cyber threat for SMBs and learn how small companies can protect themselves in 2019, on Information Age.
This new tech support scam variant was reported in a Google Chrome bug report that states that once a user visits the page, the CPU utilization quickly goes to 100%. This makes it impossible to close the tab, the browser, or properly use the computer until the Chrome process is killed.
Data breaches happen daily, in too many places at once to keep count. But what constitutes a huge breach versus a small one? CSO compiled a list of 18 of the biggest or most significant breaches of the 21st century.
Thelist is based not necessarily on the number of records compromised, but on how much risk or damage the breach caused for companies, insurers and users or account holders. In some cases, passwords and other information were well protected by encryption, so a password reset eliminated the bulk of the risk.
Read the full list of biggest data breaches of the 21st century on CSO.
Amnesty International this week released a report detailing how hackers can automatically bypass multifactor authentication (MFA) when the second factor is a text message, and they’re using this tactic to break into Gmail and Yahoo accounts at scale.
MFA is generally recommended; however, its security varies depending on the chosen factor. Consumers prefer second-factor codes sent via text messages because they’re easy to access. Unfortunately for some, cybercriminals like them for the same reason.
Read more about the findings of the report on DarkReading.