Do you always open email from your boss?
BEC attacks impact thousands of organizations
In their most recent threat spotlight report, Barracuda researchers observed that 6,170 malicious accounts that have used Gmail, AOL and other email services, have been responsible for over 100,000 BEC attacks which have impacted nearly 6,600 organizations. What’s more, since April 1, these ‘malicious accounts’ have been behind 45% of all BEC attacks detected.
Essentially, cybercriminals are using malicious accounts to impersonate an employee or trusted partner, and send highly personalized messages for the purpose of tricking other employees into leaking sensitive information, or sending over money.
… “The fact that email services such as Gmail are free to set up, just about anyone can create a potentially malicious account for the purpose of a BEC attack. Securing oneself against this threat requires organizations to take protection matters into their own hands – this requires them to invest in sophisticated email security that leverages artificial intelligence to identify unusual senders and requests,” said Michael Flouton, VP Email Protection, Barracuda Networks.
“However, no security software will ever be 100% effective, particularly when the sender appears to be using a perfectly legitimate email domain. Thus, employee training and education is essential, and workers should be made aware of how to manually spot, flag and block any potentially malicious content.”
Kicking you while you are down.
https://www.databreaches.net/travelex-forced-into-administration-after-ransomware-attack/
Travelex Forced into Administration After Ransomware Attack
After all these years of reporting on breaches, it’s still unusual to read that a company has folded as a result of a data breach, but we live in different times because of the added burden of the pandemic.
Phil Muncaster reports:
Ransomware victim Travelex has been forced into administration, with over 1000 jobs set to go.
[…]
“The impact of a cyber-attack in December 2019 and the ongoing COVID-19 pandemic this year has acutely impacted the business,” admitted PwC in a notice announcing the news.
The Sodinokibi (REvil) variant is believed to have struck the firm on New Year’s Eve last year, forcing its website offline and impacting its bricks-and-mortar stores and banking services.
Read more on InfoSecurity Magazine.
I see a project for my Ethical Hackers…
https://www.infosecurity-magazine.com/news/defcon-bypassing-biometric-scanners/?&web_view=true
#DEFCON: Bypassing Biometric Scanners with 3D Printed Fingerprints
Biometric authentication, including facial recognition and fingerprint scanners, is increasingly common, but that doesn’t mean they are safe from hackers.
At the DEFCON virtual security conference on August 8, security researcher Yamila Levalle from Dreamlab Technologies outlined how she was able to bypass biometric authentication for a number of different types of fingerprint scanners. During her session, Levalle explained various methods of bypass including using a budget 3D printer, which yielded positive results.
...and with everyone working from home...
Katyanna Quach reports:
In brief: Your Google Home speaker may have been quietly recording sounds around your house without your permission or authorization, it was revealed this week.
The Chocolate Factory admitted it had accidentally turned on a feature that allowed its voice-controlled AI-based assistant to activate and snoop on its surroundings. Normally, the device only starts actively listening in and making a note of what it hears after it has heard wake words, such as “Ok, Google” or “Hey, Google,” for privacy reasons. Prior to waking, it’s constantly listening out for those words, but is not supposed to keep a record of what it hears.
Read more on The Register.
A very different perspective?
Inside Privacy Audiocast: Episode 2 – Data Protection Hot Topics in Russia
On the second episode of our Inside Privacy Audiocast, we are aiming our looking glass at Russia, and are joined for our discussion by Partner Maria Ostashenko and Senior Associate Anastasia Petrova of the Data Protection and Cybersecurity practice at the Alrud law firm in Moscow.
… This Audiocast will especially be of interest to companies with operations in, or directing services into Russia.
In other words, “think about it!”
The Building Blocks of an AI Strategy
Organizations need to transition from opportunistic and tactical AI decision-making to a more strategic orientation.
… A close examination of the activities undertaken by these organizations reveals that AI is mainly being used for tactical rather than strategic purposes — in fact, finding a cohesive long-term AI strategic vision is rare. Even in well-funded companies, AI capabilities are mostly siloed or unevenly distributed.
Organizations need to transition from opportunistic and tactical AI decision-making to a more strategic orientation. We propose an AI strategy built upon three pillars.
1. AI needs a robust and reliable technology infrastructure.
2. New business models will bring the largest AI benefits.
3. AI without ethics is a recipe for disaster.
I’m waiting for an AI to offer an opinion...
https://link.springer.com/article/10.1007/s00146-020-01027-6
Artificial intelligence and moral rights
Whether copyrights should exist in content generated by an artificial intelligence is a frequently discussed issue in the legal literature. Most of the discussion focuses on economic rights, whereas the relationship of artificial intelligence and moral rights remains relatively obscure. However, as moral rights traditionally aim at protecting the author’s “personal sphere”, the question whether the law should recognize such protection in the content produced by machines is pressing; this is especially true considering that artificial intelligence is continuously further developed and increasingly hard to comprehend for human beings. This paper first provides the background on the protection of moral rights under existing international, U.S. and European copyright laws. On this basis, the paper then proceeds to highlight special issues in connection with moral rights and content produced by artificial intelligence, in particular whether an artificial intelligence itself, the creator or users of an artificial intelligence should be considered as owners of moral rights. Finally, the present research discusses possible future solutions, in particular alternative forms of attribution rights or the introduction of related rights.
Toward the automated lawyer…
https://www.bespacific.com/legal-technology-the-great-disruption/
Legal Technology: The Great Disruption?
Webb, Julian, Legal Technology: The Great Disruption? (July 31, 2020). U of Melbourne Legal Studies Research Paper No. 897, Available at SSRN: https://ssrn.com/abstract=3664476 or http://dx.doi.org/10.2139/ssrn.3664476
“This paper considers how legal technology, defined here as the use of digital information and communication technologies to automate or part automate legal work process, to provide decision support to legal service providers, and to provide legal information and advice directly to clients/end users, is re-shaping both legal work processes, and the organisation and governance of legal practice. Starting from an essentially descriptive and functional account of legal technology, the paper explores its role in changing the temporal-spatial and organisational characteristics of practice, and in creating new challenges for the regulation of legal services. The paper then moves explicitly into sociological theory to address the question how new legal technologies are reshaping the landscape of professional knowledge and expertise itself. It concludes by drawing together implications of these various strands for the future sustainability and legitimacy of the legal profession in its present form.”
The future?
Think telemarketers are a pest? Wait till China’s AI versions call
… “At first I didn’t even realise I was speaking to an automated service. I told the ‘person’ that I did not require an energy-boosting product and the voice went on to recommend another, similar product,” she said.
“When I asked ‘didn’t you hear what I just said’, the voice did not appear to understand. Just as I was about to hang up the phone, the voice suddenly identified itself as an AI phone assistant.”
Fan felt her time had been wasted. “I felt stupid talking to a machine. But the voice was so real and did not sound as if it was pre-recorded.”
… Makers of the robots claim in online advertisements they can “make over 3,000 phone calls a day”, “increase sales by 140 per cent”, “support and identify many different [Chinese] dialects” and that they do all this with “no human intervention needed”.
Resistance is futile?
https://www.bespacific.com/will-covid-19-mark-the-end-of-scientific-publishing-as-we-know-it/
Will COVID-19 mark the end of scientific publishing as we know it?
Phys.org: “”The argument for open access is so obvious, it’s painful to have to repeat it,” says Schekman, a 2013 Nobel laureate and UC Berkeley biologist. “The public pays for the research, and yet they can’t read the research. Physicians don’t have access to the literature—startup biotech companies at the forefront of discovery can’t afford the licenses.” “It’s obvious that this is the way it has to be,” he says. Under the pressure of a global health crisis, the argument for open access has sunk in. Following calls from the World Health Organization and government leaders, over 150 publishers, companies, and research institutions have agreed to temporarily make all content related to COVID-19 free to read, ensuring efforts to understand the virus can go forth undeterred. The result looks something like the most epic relay race in history. Dozens, sometimes hundreds, of studies are posted daily, with tails of citations circling the globe. Genetic mutations of the virus—clues to its spread—fill databases by the thousands. And a newfound culture of data sharing has fueled scientific collaboration like never before. So now the question is: Is this the catalyst that breaks up the bonds of an old publishing model once and for all? “This may be the last time we talk about having special access to papers because of a pandemic,” Schekman says…”
Perspective.
https://www.bespacific.com/the-coronavirus-is-never-going-away/
The Coronavirus Is Never Going Away
The Atlantic – No matter what happens now, the virus will continue to circulate around the world. “The coronavirus that causes COVID-19 has sickened more than 16.5 million people across six continents. It is raging in countries that never contained the virus. It is resurging in many of the ones that did. If there was ever a time when this coronavirus could be contained, it has probably passed. One outcome is now looking almost certain: This virus is never going away. The coronavirus is simply too widespread and too transmissible. The most likely scenario, experts say, is that the pandemic ends at some point—because enough people have been either infected or vaccinated—but the virus continues to circulate in lower levels around the globe. Cases will wax and wane over time. Outbreaks will pop up here and there. Even when a much-anticipated vaccine arrives, it is likely to only suppress but never completely eradicate the virus. (For context, consider that vaccines exist for more than a dozen human viruses but only one, smallpox, has ever been eradicated from the planet, and that took 15 years of immense global coordination.) We will probably be living with this virus for the rest of our lives…”
See also What You Need to Know About the Coronavirus – The Atlantic’s guide to understanding COVID-19 [no paywall]
No doubt this App will sell!
https://dilbert.com/strip/2020-08-10
No comments:
Post a Comment