Attackers continue to shift their tactics to help evade improvements in defenses, says Rick McElroy, security strategist for Carbon Black. Recent trends include fileless attacks, shifting from PowerShell to WMI, plus cryptojacking and credential harvesting.
Leading the latest edition of the ISMG Security Report: A preview of next week's Fraud and Breach Summit in Chicago, which will feature keynoter Brett Johnson, a former cybercriminal who now advises organizations on fighting crime.
Just one click: That's all it takes for a victim to inadvertently grant attackers access to their email account via a third-party application. Here's how to spot signs of OAuth-related hacking and how to defend against it.
We need to talk about ransomware, says James Lyne, global research adviser at Sophos: "It's not the big, sexy security topic that it once was, but there's some really interesting evolution in their tactics." Lyne rounds up the latest tactics and describes how machine learning is offering new defensive hope.
To stop malware, it helps to spot it as fast as possible and keep tabs on what it might be trying to do. "We all know that a well-funded, patient, creative attacker - there's no way to keep them out," says Lastline's Patrick Bedwell.
The latest challenge to face CISOs: Finding the best way to keep their organization secure while at the same time navigating political edicts that may lack any technical detail or present solid facts or alternatives to suspect technology, says Jaya Baloo, CISO of KPN Telecom.
Financial services firms write off a certain level of online fraud as a cost of doing business, but these losses directly fund organized crime and help legitimize cybercrime as a career path, says Trusted Knight's Trevor Reschke, who stresses the sector must do more to combat fraud.
Never underestimate the human factor in attacks. Indeed, many of today's top attacks - from malware to phishing - require some level of interaction from victims. "They're targeting people - they're targeting the users within our businesses," says Proofpoint's Adenike Cosgrove.
Symantec says it has uncovered a cyber espionage campaign that targets telecommunications operators in Southeast Asia - as well as a defense contractor and satellite communications operator - and warns that the hacking group, dubbed Thrip, may be laying the groundwork for more destructive attacks.
In the past 12 months, there's been a blistering series of high-impact attacks that increasingly blur the lines "between statecraft and criminal organizations," says CrowdStrike's Zeki Turedi. How much of this blurring is intentional?
Email attacks continue to bite businesses, with organizations reporting not only a steady stream of ransomware, but also increasingly targeted social engineering attacks and account takeovers for cloud service users, says Barracuda's Hatem Naguib.
As the prevalence and scale of data breaches continues to increase - with attacks such as WannaCry and NotPetya having compromised entire business sectors - organizations must focus much more on preventing attacks, says Check Point's Gad Naveh.
Government regulation is key to minimizing the misuse of cryptocurrencies for cybercrime, says Brett Johnson, a former cybercriminal who now consults on crime prevention. But regulating cryptocurrencies is no easy task, he acknowledges. Johnson will keynote ISMG's Fraud and Breach Prevention Summit in Chicago.
The U.S. Department of Justice has charged a former CIA officer, 29-year-old Joshua A. Schulte, with providing 8,000 documents that describe the agency's offensive malware tools and practices to WikiLeaks, which published them in 2017 as the "Vault 7" archive.