Tag Archives: sophisticated

DAG Rosenstein: ‘Sophisticated Attacks Focus On Particular Businesses’

Photo supplied from the U.S. Department of Justice

U.S. Deputy Attorney General Rod Rosenstein

“It is important to report cyber incidents as quickly as possible.” said U.S. Deputy Attorney General Rod Rosenstein at the Global Cyber Security Summit, hosted by Skytop Strategies in London this past October.

As the global threat of cyber security breaches continues to grow, it becomes paramount for a company’s well-being, both financial and otherwise, to remain vigilant in it’s updates of the cyber security threat landscape.

A recent global cyber landscape threat report by Fortinet, Inc. identifies 3 general types of threats:

  • Exploit Data: Attacker reconnaissance activities to identify vulnerable systems and attempts to showcase those vulnerabilities;
  • Malware Data: Weaponization or delivery stages of an attack rather than successful installation in target systems;
  • Botnets Data: Command and control traffic between compromised internal systems and malicious external hosts.

According to this report, the third quarter

Read more at: https://www.forbes.com/sites/christopherskroupa/2018/01/08/d-a-g-rosenstein-sophisticated-attacks-focus-on-particular-businesses/

Online credit card fraud on the rise as cyber criminals become more sophisticated

Updated

August 03, 2017 11:07:44

A collection of credit cards
Photo:

“Card not present” and “ghost terminal” fraud are on the rise. (ABC Adelaide: Brett Williamson)

Cyber criminals are becoming increasingly sophisticated about credit card fraud as more consumer payments move online, according to a new report.

The Australian Payments Network — the industry’s self-regulatory body — has revealed a significant increase in card fraud, with stolen card details accounting for 78 per cent of fraudulent card transactions.

In its annual fraud data report,

Read more at: http://www.abc.net.au/news/2017-08-03/credit-card-fraud-on-the-rise/8769944

It’s a myth that most cyber-criminals are ‘sophisticated’

Among the mistakes journalists sometimes make when covering cyber-security stories is calling an attack “sophisticated” when it’s anything but. And it tends to irritate security professionals.

There’s no real definition of what a sophisticated attack is, but a more elaborate hacking incident might involve gathering intelligence on a specific, complex network before it could be successfully and subtly exploited.

Attacks like that do happen. But more often than not, the hackers and cyber-criminals hitting the headlines aren’t doing anything magical. In fact, they’re often just wily opportunists – like all criminals.

The head of Europol says that the growth of cyber-crime is “relentless”. The agency has identified a range of increasingly common methods used by 21st Century offenders – and these are not sophisticated. These include digital payment attacks, ransomware, selling illicit material on the dark web and stealing people’s personal data to commit fraud or identity theft.

Much of

Read more at: http://www.bbc.com/future/story/20170726-why-most-hackers-arent-sophisticated

It’s a myth that cyber-criminals are ‘sophisticated’

Among the mistakes journalists sometimes make when covering cyber-security stories is calling an attack “sophisticated” when it’s anything but. And it tends to irritate security professionals.

There’s no real definition of what a sophisticated attack is, but a more elaborate hacking incident might involve gathering intelligence on a specific, complex network before it could be successfully and subtly exploited.

Attacks like that do happen. But more often than not, the hackers and cyber-criminals hitting the headlines aren’t doing anything magical. In fact, they’re often just wily opportunists – like all criminals.

The head of Europol says that the growth of cyber-crime is “relentless”. The agency has identified a range of increasingly common methods used by 21st Century offenders – and these are not sophisticated. These include digital payment attacks, ransomware, selling illicit material on the dark web and stealing people’s personal data to commit fraud or identity theft.

Much of

Read more at: http://www.bbc.com/future/story/20170726-why-most-hackers-arent-sophisticated?ocid=global_future_rss

Low risk, high reward: Threat actors leave sophisticated attacks behind

Low risk, high reward: Threat actors leave sophisticated attacks behind

The greatest risk to mid-sized organisations is rudimentary attacks, such as intrusion attempts, information gathering and policy violations.

A recent cyber-threat report from eSentire provides an overview of the cyber-threats investigated by the company’s Security Operations Centre (SOC) in 2016. The research provides threat perspective for business leaders in small and midsize organisations as well as takeaways to help strategically reduce the risk of cyber-threats.

The research consisted of data gathered from more than 1500 proprietary network and host-based detection sensors globally across various industries.

March to April and September to October were the most intense periods of threat events throughout 2016. June and July were the least active months.

Intrusion attempts, information gathering and policy violations were the most often observed threat categories, which represented 63 percent of all observed attacks.

Intrusion attempt (primarily web attacks) was the top-ranking

Read more at: https://www.scmagazineuk.com/low-risk-high-reward-threat-actors-leave-sophisticated-attacks-behind/article/655270/

Low risk, high reward: Threat actors leave sophisticated attacks behind

Low risk, high reward: Threat actors leave sophisticated attacks behind

The greatest risk to mid-sized organisations is rudimentary attacks, such as intrusion attempts, information gathering and policy violations.

A recent cyber-threat report from eSentire provides an overview of the cyber-threats investigated by the company’s Security Operations Centre (SOC) in 2016. The research provides threat perspective for business leaders in small and midsize organisations as well as takeaways to help strategically reduce the risk of cyber-threats.

The research consisted of data gathered from more than 1500 proprietary network and host-based detection sensors globally across various industries.

March to April and September to October were the most intense periods of threat events throughout 2016. June and July were the least active months.

Intrusion attempts, information gathering and policy violations were the most often observed threat categories, which represented 63 percent of all observed attacks.

Intrusion attempt (primarily web attacks) was the top-ranking

Read more at: https://www.scmagazineuk.com/low-risk-high-reward-threat-actors-leave-sophisticated-attacks-behind/article/655270/

Low risk, high reward: Threat actors leave sophisticated attacks behind

Low risk, high reward: Threat actors leave sophisticated attacks behind

The greatest risk to mid-sized organisations is rudimentary attacks, such as intrusion attempts, information gathering and policy violations.

A recent cyber-threat report from eSentire provides an overview of the cyber-threats investigated by the company’s Security Operations Centre (SOC) in 2016. The research provides threat perspective for business leaders in small and midsize organisations as well as takeaways to help strategically reduce the risk of cyber-threats.

The research consisted of data gathered from more than 1500 proprietary network and host-based detection sensors globally across various industries.

March to April and September to October were the most intense periods of threat events throughout 2016. June and July were the least active months.

Intrusion attempts, information gathering and policy violations were the most often observed threat categories, which represented 63 percent of all observed attacks.

Intrusion attempt (primarily web attacks) was the top-ranking

Read more at: https://www.scmagazineuk.com/low-risk-high-reward-threat-actors-leave-sophisticated-attacks-behind/article/655270/

Cyber-criminal Tactics Get Incredibly Sophisticated

Cyber-criminals are getting more sophisticated, with advanced attack techniques and tools coming to the fore. In fact, there’s really no difference between the tactics, techniques and procedures (TTPs) used by state-sponsored actors and those used by financially motivated actors.

That’s according to FireEye’s M-Trend 2017 report, which found that nation-states continue to set a high bar for sophisticated cyberattacks—but some financial threat actors have caught up to the point where there is no longer much of a line separating the two. Financial attackers have improved their TTPs to the point where they have become difficult to detect and, challenging to investigate and remediate.

Prior to 2013, the firm characterized actors targeting financial information (ACH, PCI, direct deposit, tax return, etc.) as “smash and grab.” The attackers did not hide their actions and did not demonstrate an intent to maintain access to an environment once detected. The targets were largely opportunistic, the tools

Read more at: https://www.infosecurity-magazine.com/news/cybercriminal-tactics-get/

Cyber crime more sophisticated – putting on a top hat, white tie and tails

100% protection against today’s cyber threats is a pipe dream so it is more about how we survive cyber attacks – cyber resilience is the name of the game.

Building cyber resilience is a strategy that layers state-of-the-art preventative systems, point-in-time recovery measures, and a means to maintain continuity during an attack. A good strategy can make a significant difference in fending off the myriad of sophisticated threats. No one can predict all the attacks coming but they can build in cyber resilience and learn from what has already happened.

iTWire asked Peter Bauer CEO and co-founder of Mimecast, a major cloud email provider, and as such part of cyber crime’s main attack vector, phishing, to share his insights into tomorrow’s cyber attacks and how organisations can be prepared.

Although we may not know all the answers of what’s to come, based on what we’ve seen over the year here are

Read more at: http://www.itwire.com/security/76312-cyber-crime-more-sophisticated-%E2%80%93-putting-on-a-top-hat,-white-tie-and-tails.html