AI Threats to Authentication Lead 2024 Fraud Trends

Suparna Goswami • December 8, 2023

In the future, deepfake technology will have a significant impact on newer forms of authentication such as voice and facial recognition and pose new challenges to defenders, said Ofer Friedman, chief business development officer at AU10TIX, an Israel-headquartered identity verification company.

Cyberwarfare / Nation-State Attacks

Israeli SMBs Warned to Cut External Comms to Reduce Risks

Latest

Standards, Regulations & Compliance

FBI to Evaluate Bids to Delay Reporting Cybersecurity Events

David Perera • December 8, 2023

The FBI outlined procedures for publicly traded companies to invoke a delay in reporting material cybersecurity incidents to investors as required under a U.S. SEC rule. Regulators allow companies a pause of up to 60 business days and up to 120 business days for a substantial national security risk.

Cybercrime

Ransomware, Vendor Hacks Push Breach Number to Record High

Marianne Kolbasuk McGee • December 7, 2023

The number of data breaches in the U.S. has hit an all-time high, amid mounting attacks against third-party vendors and aggressive ransomware attacks, says a report from Apple and a Massachusetts Institute of Technology researcher. Breaches have more than tripled between 2013 and 2022.

Cybercrime

Joe Sullivan Tells Black Hat Europe: 'Choose Your Own Destiny'

Mathew J. Schwartz • December 7, 2023

Cybersecurity professionals must choose their own destiny, former CSO Joe Sullivan said at this week's Black Hat Europe in London. CISOs will either remain down in the weeds, technically speaking, or learn to become true senior executives and be treated as such by the board.

Governance & Risk Management

Lessons in Threat Detection for Insider Threats

David Perera • December 7, 2023

Whether because they're malicious, oblivious to company rules or outsmarted by hackers, insiders pose a mounting degree of risk to companies. Hunting for outside hackers offers lessons in preventing insider incidents, said Thomas Etheridge, CrowdStrike chief global professional services officer.

Incident & Breach Response

23andMe Says Hackers Stole Ancestry Data of 6.9M Users

Mihir Bagwe • December 5, 2023

Genetics testing firm 23andMe says hackers, in a credential-stuffing attack this fall, siphoned the ancestry data of 6.9 million individuals. 23andMe disclosed the attack on Oct. 1, stating the attackers had scraped the profiles of 23andMe users who opted in to the company's DNA Relatives feature.

Cryptocurrency Fraud

North Korea's Supercharged State-Backed Cryptocurrency Theft

Mathew J. Schwartz • December 1, 2023

To service the perpetually cash-starved regime of North Korea, hackers will continue their relentless onslaught on cryptocurrency - and all users of it - with state backing to industrialize their hacking and money laundering capabilities, experts warn.

Cybercrime

Breach Roundup: Ukraine Hacks Russian Aviation Agency

Anviksha More • November 30, 2023

This week, Ukraine's intelligence service hacked Russian aviation agency, a cyberattack targeted Japan's space agency, Google addressed another zero-day, a French-led operation dismantled a Ukrainian ransomware group, and spyware targeted Serbian civil society.

Blockchain & Cryptocurrency

Cryptohack Roundup: KyberSwap Hacker Demands Control

Mihir Bagwe • November 30, 2023

This week, a KyberSwap hacker demanded total control, the U.S. Treasury called for additional tools to sanction crypto baddies, the Aerodrome and Velodrome DeFi platforms' front ends were hacked, a scam-as-a-service wallet drainer shut down, Indexed Finance thwarted hijacking attempts, and more.

Security Information & Event Management (SIEM)

CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes

Michael Novinson • November 28, 2023

Discontent with legacy SIEM offerings and Cisco's proposed acquisition of Splunk have driven "a significant and pronounced increase in interest" in CrowdStrike's SIEM offering. LogScale hit the $100 million ARR milestone last quarter thanks to its search speed, data gravity and cost efficiency.

Email Security & Protection

Proofpoint Snags Former VMware President Sumit Dhawan as CEO

Michael Novinson • November 28, 2023

Proofpoint landed top VMware lieutenant Sumit Dhawan as its new chief executive just days after the cloud and virtualization giant was acquired by Broadcom. The Silicon Valley-based email security firm said it liked Dhawan's track record of building security, cloud and end-user computing businesses.

Data Loss Prevention (DLP)

Zscaler Taps Generative AI to Measure Risk, Predict Breaches

Michael Novinson • November 27, 2023

Zscaler infused generative AI features into its data protection bundles and is introducing AI-powered products that quantify risk and predict breaches, said CEO Jay Chaudhry. The cloud security firm enhanced its data protection policies for AI/ML apps and tools to lower the likelihood of data loss.

Blockchain & Cryptocurrency

How Sam Bankman-Fried and Changpeng Zhao Will Shape Crypto

Rashmi Ramesh • November 27, 2023

Former wunderkinds Sam Bankman-Fried and Changpeng Zhao, torchbearers of a flailing crypto industry and now confirmed felons, may provoke the regulatory retrenchment that saves the industry from itself. But obstacles exist in the blockchain structure of cryptocurrency.