Cybercriminals Increasingly Harnessing Stolen Identity Data to Launch Global Attacks

Security magazine | March 04, 2020

A new report by LexisNexis® Risk Solutions, Cybercrime Report covering July 2019 through December 2019, reveals how fraud has increasingly become borderless on a global scale. As the report analysis shows, cybercrime is a well-organized, global endeavor powered by networks of fraud. While consumers enjoy access to goods and services from all over the world, fraudsters are able to harness stolen identity data to launch corresponding cross-border fraud attacks, says the report.This global, networked pattern of cybercrime is further reflected in mobile attack rate growth, which is heavily influenced by a global bot attack targeting mobile app registrations, adds the company. Fraudsters are migrating attacks to exploit the mobile channel: Of the 19 billion transactions recorded by the LexisNexis® in this six month period, for the first time, mobile attacks outpaced desktop attacks, with a 56 percent growth in the mobile attack rate year-over-year.

Spotlight

Parsons began this effort to explore the state of cybersecurity risk in critical infrastructure facilities with a simple question. The cyber threat has undoubtedly converged – both information technology (IT) and operational technology (OT) environments are being attacked. But, to what degree have solutions to this two-pronged threat actually converged? Parsons is committed to shedding light on the stark differences between IT and OT cyber threats and implications. IT cyber-attacks are fundamentally tied to data, and the theft and nefarious use of stolen information.

Spotlight

Parsons began this effort to explore the state of cybersecurity risk in critical infrastructure facilities with a simple question. The cyber threat has undoubtedly converged – both information technology (IT) and operational technology (OT) environments are being attacked. But, to what degree have solutions to this two-pronged threat actually converged? Parsons is committed to shedding light on the stark differences between IT and OT cyber threats and implications. IT cyber-attacks are fundamentally tied to data, and the theft and nefarious use of stolen information.

Related News

SOFTWARE SECURITY

CertiK Reaches for the Skies With the Release of Its New Security Services

CertiK | July 16, 2022

CertiK, the leading global Web3 and blockchain security firm, today announced the launch of several web3 Skynet security features to bolster end-to-end security for the web3 world. New features include: Skynet Trust Score - a new scoring mechanism aimed at simplifying the definition of crypto project risk, increasing transparency into scoring mechanisms and demonstrating market health. Skynet Cohort Analysis Panel - a way for projects to see how they rank against other similar projects in order to help users contextualize the risk of a project by displaying its performance against comparable projects. Badges and honors for project achievements to strengthen credentials in their respective fields The Skynet service, launched in June 2021, uses a comprehensive set of signals, curated from code scanning analysis, on chain security analytics, and machine learning to provide 24/7 monitoring of threats for crypto projects. To date, Skynet has helped to protect and monitor over 4 billion transactions. As part of its strategy, CertiK set out on a mission to address both business and consumer value services through its security leaderboard found on its website. Delivering on this promise, CertiK’s release of new Skynet features provides further simplicity and transparency to consumers around project risk, while also giving credit to projects where needed through badges and honors. “We’re very excited to launch these new Skynet features. “Through feedback from customers and the community, we’ve recognized the need to innovate around security risk in a simpler way that caters to both business and consumer needs. This is just the beginning of our journey as we continue to innovate in response to community needs and deliver on our promise of securing the web3 world.” Kevin Liu, Chief Product Officer at CertiK As part of its portfolio expansion, CertiK also recently released on its Twitter an autonomous security alert channel, which provides real-time alerts to the community on hacks, flash loan attacks, rugpulls and suspicious activity. To date, CertiK has flagged over $1.45 Billion in security incidents since the release of the service in February this year. The growing demand for Web3 security has driven further development and operation of more innovative and data-driven security products for the blockchain industry. CertiK is meeting these demands through innovative products like Security Leaderboard, Code Auditing, KYC and now this next series of Skynet security features. About CertiK CertiK’s mission is to secure the Web3 world. Starting with blockchain, CertiK applies cutting-edge innovations from academia into Enterprise, enabling mission-critical applications to be built with security and accuracy. Headquartered in New York City, CertiK was founded by computer science professors Ronghui Gu and Zhong Shao. CertiK is backed by industry leaders, including Insight Partners, Tiger Global, Sequoia, Coatue Management, Advent International, Goldman Sachs, Lightspeed, SoftBank Vision Fund 2, Hillhouse Capital, Binance, Coinbase Ventures, and more.

Read More

PLATFORM SECURITY

ReliaQuest GreyMatter joins Microsoft Intelligent Security Association

ReliaQuest | June 17, 2022

ReliaQuest, a security operations force enhancer, announced today that it has joined the Microsoft Intelligent Security Association (MISA). MISA is an ecosystem of independent software manufacturers and managed security service providers that have linked their products to better guard against an ever-increasing number of threats. "With digital transformation driving migration to Microsoft Azure, it becomes even more critical to have a unified view across an organization’s security infrastructure. Now, with added support for Microsoft Sentinel, Microsoft 365 and Microsoft Defender for Endpoint, ReliaQuest GreyMatter extends visibility across the Microsoft ecosystem. GreyMatter unifies detection, investigation and response to drive security effectiveness and cyber resilience, while allowing the customer to integrate Microsoft Security products at the pace that best suits their organization.” Brian Foster, ReliaQuest Chief Product Officer This partnership makes it simple for Microsoft clients to ingest data and automate activities across any vendor solution, whether on-premises or in one or more clouds. GreyMatter, in conjunction with extensive security operations knowledge, accelerates threat detection and response. This improves the efficiency of current investments, such as the correlation capabilities of Microsoft Sentinel and Microsoft Defender for Endpoint. GreyMatter contextualizes threat research, aggregate customer knowledge, more than 40 open source and commercial security data sources to build a complete, actionable picture of present and upcoming risks. ReliaQuest will continue investing in GreyMatter's integration capabilities with the Microsoft 365 security suite, extending the ReliaQuest aim to "Make Security Possible." Rob Lefferts, Corporate Vice President, Microsoft Defender said that, “Microsoft Intelligent Security Association members, like ReliaQuest, leverage Microsoft’s security products to better defend against cyber security threats with identity and access management, threat protection, information protection and security management.”

Read More

PLATFORM SECURITY

Axonius Adds Key Integrations with AWS

Axonius | July 25, 2022

Axonius, a cybersecurity asset management provider, today announced integrations with Amazon Macie, Amazon GuardDuty, and AWS SecurityHub while extending its Amazon Inspector functionality. These new integrations will help customers to better understand and manage vulnerabilities across their Amazon Web Services (AWS) infrastructure. By connecting to both AWS first-party and ISV-third party security solutions, Axonius provides comprehensive visibility and management of assets across AWS cloud, multi-cloud, and on-premises. The latest integrations provide the following capabilities: Identify Exposed Amazon S3 Buckets: Axonius fetches findings from Amazon Macie to help customers identify exposed Amazon S3 buckets to maintain data integrity and compliance. Detecting Malicious Activity & Compromised Security Controls: By integrating with Amazon GuardDuty, Axonius helps customers detect malicious activity to protect AWS accounts, workloads, and data and help them understand which assets have compensating security controls. Helping Meet Security Best Practices: With insights from AWS SecurityHub, customers can compare against correlated data to verify whether assets that don't meet best practice standards have a compensating security control. Comprehensive View of Cloud Security Posture: Axonius delivers a complete inventory of assets from more than 450 correlated data sources giving customers a comprehensive view of their cloud security, including vulnerability data from Amazon Inspector. "As companies continue to shift workloads to the cloud, they're also increasingly leveraging cloud provider-native security service offerings. "Yet customers are still exhausted by the highly-manual, slow, and error-prone processes that negatively impact their risk mitigation, threat management, and compliance. With Axonius and AWS, customers finally have a unified view of their assets while dramatically strengthening their security posture." Mark Daggett, Vice President of Worldwide Channels and Alliances at Axonius About Axonius Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers gaps, and automatically validates and enforces policies. Deployed in minutes, the Axonius cyber asset attack surface management (CAASM) solution integrates with hundreds of data sources to give customers the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, automating response actions, and informing business-level strategy. Cited as one of the fastest growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius covers millions of devices for customers around the world.

Read More