Our researcher describes how malware is disabling popular security plugins on compromised WordPress websites to conceal malicious behavior and evade detection.
The promise of artificial intelligence for cybersecurity is that it will free security professionals at government agencies from menial tasks and allow them to focus on threat hunting and higher-level work. Another benefit that might get lost in the shuffle, but is no less important, is that automation in cybersecurity can actually lead to enhanced security for agencies.
Five governments are testing that proposition. Last month, the states of Arizona, Louisiana, Massachusetts and Texas, along with Maricopa County, Ariz., announced a partnership with the Multi-State Information Sharing and Analysis Center and the Johns Hopkins Applied Physics Laboratory (APL) to pilot a cybersecurity automation program.
The agencies will be using security orchestration, automation and response (SOAR) tools, which “enable organizations to collect security-threat data through multiple sources and perform triage response actions significantly faster than with manual processes,” according to a Johns Hopkins press release. The hope is that it will enable the agencies to “quickly and broadly share information — in near real time — and leverage automation to prevent or respond to cyberattacks,” the release states.
Public-private partnerships have been central to the development of cybersecurity over the past decade, through the sharing of threat information between commercial organizations and historically secretive government agencies. The opportunity now exists for a new era of public-private partnership, for a new realm of information sharing.
Cyberattacks continue to be reported as a key business risk. In the recent World Economic Forum’s Regional Risks for Doing Business 2019 report, survey respondents in six of the world’s 10-largest economies identified cyberattacks as their number one risk.
Continue reading “How to build a modern public-private cybersecurity partnership” »
As cybercrime is becoming more lucrative and more automated, we’re going to have to depend on automated defenses on the other side.
This is an article from 2014, but it’s interesting — especially for why phishing emails are so lame. Money quote:
‘The answer is that the implausibility is a useful tool for the scammers. An entirely believable email would get millions of people falling for the bait – most of whom would catch on later when the scammers started requesting private banking details. This way, the fraudsters can avoid wasting their time on no-hopers, knowing that any replies they do receive are … See More.
Maybe your bank wants you to update your password; maybe a new Facebook friend wants to show you a funny web page. Maybe a Nigerian lawyer wants to pass on a legacy from a long-lost relative.
Continue reading “The psychology of phishing: why do we fall for terrible email scams?” »
New research shows how the next generation of ultra-secure communication could be possible with existing infrastructure.
Amanda Christensen, ideaXme guest contributor, fake news and deepfake researcher and Marketing Manager at Cubaka, interviews Dan Mapes, PhD, MBA co-founder of VERSES.io and co-author of The Spatial Web: How Web 3.0 Will Connect Humans, Machines, and AI to Transform the World.
Amanda Christensen Comments:
Continue reading “Optimising the Everyday with The Spatial Web” »
At the same time, the NCSC had to help government and public-sector organisations deal with the sudden increased dependence on technology, whether in the cabinet meeting over video link or the government sending out genuine text messages to the entire public.
The departing head of the National Cyber Security Centre reflects on the threats he has faced.
The Emotet botnet has begun to use a new template for their malicious attachments, and it is just as dangerous as ever.
After a five-month “vacation,” the Emotet malware returned in July 2020 and began to spew massive amounts of malicious spam worldwide.
