Latest

Cyberwarfare / Nation-State Attacks

Nation-State Hackers Greatest Threat to 5G Networks: Report

Apurva Venkat  •  October 11, 2019

Nation-state attackers from outside the European Union pose the greatest threat to the continent's upcoming 5G networks, according to a new security assessment, which sidesteps the issue of Chinese firm Huawei's role in building these networks.

Account Takeover

Singapore Man Charged in Large-Scale Cryptomining Scheme

Apurva Venkat  •  October 11, 2019

A Singapore man allegedly ran a large-scale cryptocurrency mining scheme that involved using stolen identities to access Amazon and Google cloud computing resources, according to a 14-count U.S. Justice Department indictment.

3rd Party Risk Management

Analysis: Twitter's Phone Number Repurposing 'Mistake'

Nick Holland  •  October 11, 2019

The latest edition of the ISMG Security Report analyzes Twitter's repurposing of user phone numbers for targeted advertising. Plus: A discussion of 5G security issues and findings of the Internet Organized Crime Threat Assessment.

Biometrics

Privacy: How Technology Is Outpacing Regulation

Suparna Goswami  •  October 10, 2019

To ensure privacy is protected, governments need to make sure standards and regulations keep pace with the latest technology developments, including facial recognition and other forms of artificial intelligence, says Steven Feldstein, an associate professor at Boise State University.

Cybercrime

Volusion Payment Platform Sites Hit by Attackers

Scott Ferguson  •  October 9, 2019

A security researcher has uncovered credit card skimming attacks targeting websites that use a cloud-based payment platform from Volusion. Among the victims: The Sesame Street Live online store.

Incident & Breach Response

FBI: Cybercriminals Are Bypassing Multifactor Authentication

Akshaya Asokan  •  October 9, 2019

The FBI is warning banks, businesses and other organizations that cybercriminals are using social engineering and other technical techniques to circumvent multifactor authentication security protections.

Cyberwarfare / Nation-State Attacks

Preventing Election Interference: New Recommendations

Apurva Venkat  •  October 9, 2019

To counter efforts to interfere in the 2020 presidential election, the Senate Intelligence Committee recommends new security measures for social media companies, new legislation and creating an interagency task force.

Fraud Management & Cybercrime

Twitter Apologizes for Repurposing Phone Numbers

Jeremy Kirk  •  October 9, 2019

Twitter apologized on Tuesday for repurposing phone numbers provided by users for security features for use in targeted advertising, claiming the move was a mistake. Earlier, Facebook was reprimanded for a similar practice.

►

Governance

Insider Threat Mitigation: Sanctions and Incentives

Nick Holland  •  October 8, 2019

The battle against insider threats requires a balance of sanctions and incentives, says Michael Theis of the CERT Insider Threat Center.

►

Cybercrime

Update: Internet Security Threat Report

Nick Holland  •  October 8, 2019

Kevin Haley of Symantec shares key findings from the company's latest Internet Security Threat Report.

►

Fraud Management & Cybercrime

Regional Trends in Payment Fraud

Nick Holland  •  October 8, 2019

Payment fraud is a universal threat, but there are regional nuances. Kimberly Sutherland of LexisNexis Risk Solutions compares the threat landscapes in Canada and the United States.

►

Artificial Intelligence & Machine Learning

Implementing a 'Machine Speed' Response to Attacks

Nick Holland  •  October 8, 2019

Criminals are weaponizing artificial intelligence and machine learning for cyberattacks. David Masson of Darktrace describes how to fight back at "machine speed."