If 2017 was the year of ransomware innovation, 2018 is well on its way to being known as the year of cryptocurrency mining malware. Numerous studies have found that the most seen malware attacks today are designed for cryptojacking. But while ransomware campaigns may be down, they're far from out.
Police recently arrested the suspected administrators and top users of the stresser/booter service Webstresser.org. Unfortunately, the plethora of such services means the world is unlikely to see a reduction in DDoS attack volumes, says Darren Anstee of Arbor Networks.
Much more must be done to shore up the U.K.'s national infrastructure. "It's partly austerity, and it's partly what's happening in the global economy, but we've really seen an underinvestment, specifically in the critical national infrastructure," says LogRhythm's Ross Brewer.
Old technology never dies, but rather fades "very slowly" away, as evidenced by there being 21 million FTP servers still in use, says Rapid7's Tod Beardsley. Rapid7's scans of the internet have also revealed a worrying number of internet-exposed databases, memcached servers and poorly secured VoIP devices.
What are hot cybersecurity topics in Scotland? The "International Conference on Big Data in Cyber Security" in Edinburgh focused on everything from securing the internet of things the rise of CEO fraud to the origins of "cyber" and how to conduct digital forensic investigations on cloud servers.
Cyber extortion group Rex Mundi has been shut down following the arrest of seven suspects in France and a French national in Thailand, police say. Investigators began pursuing the group last year after it stole customer data from a British firm and demanded $770,000 to not publicly release it.
John Gammell of New Mexico has been sentenced to serve 15 years in prison for launching DDoS attacks against prior employers and business competitors, as well as for being a convicted felon in possession of firearms.
DDoS attacks are morphing from being political statements to a diversion while other forms of attacks are occurring, says Arbor Network's Mike Boose, who describes new threat vectors and best practices for mitigation.
Despite the buzz about digital transformation, most enterprises remain overwhelmed by having to support and secure legacy technologies, says Mark Loveless of Duo Security. How can they simultaneously protect their legacy systems while securing their future?
At a time when so many new devices are connected to enterprise networks, security leaders struggle just to inventory the devices - never mind secure them. Nathan Burke, CMO of Axonius, a new device management vendor, discusses the niche Axonius fills.
Monica Jain has a lot of experience in security operations centers, and she knows much of the tribal knowledge there is not automated or shared. That's why she co-founded LogicHub, a new intelligence automation platform.
Mark Jaffe is less concerned about how adversaries breach networks, but more concerned about how to secure their actual target - critical data. His startup company, Allure Security, intends to help secure that data.