Category Archives: News

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak:

I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022.
I’m speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn, Estonia on June 3, 2022.
I’m speaking at the RSA Conference 2022 in San Francisco, June 6-9, 2022.

The list is maintained on this page.

Phony Valentines: Online Dating Scams and How to Spot Them

For years now, the popularity of online dating has been on the rise—and so has the number of online romance scams that leave people with broken hearts and empty wallets.

According to the U.S. Federal Trade Commission (FTC), the reported costs of online romance scams jumped 50% from 2019 to 2020, to the tune of $304 million. And that’s not entirely because 2020 was a pandemic year. From 2016 to 2020, the volume of reported cases tripled, while reported losses nearly quadrupled. Over that period, online romance scams have not only become more common, they have also become more costly.

How do online dating and romance scams get started? 

Dating and romance scams aren’t limited to online dating apps and sites; they happen on social media and in online games as well. However, the FTC reports that the scam usually starts the same way, typically through an unexpected friend request or a message that comes out of the blue.

With that initial introduction made, a chat begins, and a friendship (or more) blossoms from there. Along the way, the scammer will often rely on a mix of somewhat exotic yet believable storytelling to lure the victim in, often involving their job and where they’re working. Reports say that scammers will talk of being workers on an offshore oil rig, members of the military stationed overseas, doctors working with an international organization, or working in the sort of jobs that would prevent them from otherwise easily meeting up in person. 

With the phony relationship established, the scammer starts asking for money. The FTC reports that they’ll ask for money for several bogus reasons, usually revolving around some sort of hardship where they need a “little help” so that they can pay: 

For a plane ticket or other travel expenses. 
For medical expenses. 
Customs fees to retrieve something. 
Gambling debts. 
A visa or other official travel documents. 

The list goes on, yet that’s the general gist. Scammers often employ a story with an intriguing complication that seems just reasonable enough, one where the romance scammer makes it sound like they could really use the victim’s financial help. 

Common types of online dating scams 

People who have filed fraud reports say they’ve paid their scammer in a few typical ways.  

One is by wiring money, often through a wire transfer company. The benefit of this route, for the scammer anyway, is that this is as good as forking over cash. Once it’s gone, it’s gone. The victim lacks the protections they have with other payment forms, such as a credit card that allows the holder to cancel or contest a charge. 

Another way is through gift cards. Scammers of all stripes, not just romance scammers, like these because they effectively work like cash, whether it’s a gift card for a major online retailer or a chain of brick-and-mortar stores. Like a wire transfer, once that gift card is handed over, the money on it is very difficult to recover, if it can be recovered at all.

One more common payment is through reloadable debit cards. A scammer may make an initial request for such a card and then make several follow-on requests to load it up again.  

In all, a romance scammer will typically look for the easiest payment method that’s the most difficult to contest or reimburse, leaving the victim in a financial lurch once the scam ends. 

How Do You Avoid Getting Tangled Up in an Online Dating or Romance Scam? 

When it comes to meeting new people online, the FTC suggests the following: 

Never send money or gifts to someone you haven’t met in person—even if they send you money first. 
Talk to someone you trust about this new love interest. It can be easy to miss things that don’t add up. So pay attention if your friends or family are concerned. 
Take the relationship slowly. Ask questions and look for inconsistent answers. 
Try a reverse-image search of any profile pictures the person uses. If they’re associated with another name or with details that don’t match up, it’s a scam. 

Scammers, although arguably heartless, are still human. They make mistakes. The stories they concoct are just that. Stories. They may jumble their details, get their times and dates all wrong, or simply get caught in an apparent lie. Also, keep in mind that some scammers may be working with several victims at once, which is yet another opportunity for them to get confused and slip up. 

Protecting Yourself Further From Scams on Your Social Media Accounts 

As mentioned above, some romance scammers troll social media and reach out through a direct message or friend request. With that, there are three things you can do to cut down your chances of getting caught up with a scammer: 

1. Go private

Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting, which can help protect your privacy and give a romance scammer less information to exploit. 

2. Say “no” to strangers bearing friend requests

Be critical of the invitations you receive. Out-and-out strangers could be more than romance scammers: they could be fake accounts designed to gather information on users for purposes of cybercrime, or accounts designed to spread false information. There are plenty of them too. In fact, in Q3 of 2021 alone, Facebook took action on 1.8 billion fake accounts. Reject such requests.

3. Protect yourself and your devices

Security software can protect you from clicking on malicious links that a scammer may send you online, while also steering you clear of other threats like viruses, ransomware, and phishing attacks in general. It can look out for your personal information as well, by protecting your privacy and monitoring your email, SSN, bank accounts, credit cards, and other info that a scammer or identity thief may put to use. With identity theft a rather commonplace occurrence today, security software is really a must. 

Put an End to it 

If you suspect that you’re being scammed, put an end to the relationship and report it, as difficult as that may feel. 

Notify the FTC at ReportFraud.ftc.gov for support and next steps to help you recover financially as much as possible. Likewise, notify the social media site, app, or service where the scam occurred. In some cases, you may want to file a police report, which we cover in our broader article on identity theft and fraud.

If you sent funds via a gift card, the FTC suggests filing a claim with the company as soon as possible. They offer further advice on filing a claim here, along with a list of contact numbers for gift card brands that scammers commonly use.  

Lastly, go easy on yourself. If you find yourself a victim of online dating or romance fraud, know that you won’t be the first or last person to be taken advantage of this way. By reporting your case, you may in fact help keep others from falling victim too.

The post Phony Valentines: Online Dating Scams and How to Spot Them appeared first on McAfee Blog.

Software supply chain attacks hit three out of five companies in 2021

More than three in five companies were targeted by software supply chain attacks in 2021, according to a recent survey by Anchore. The survey of 428 executives, directors, and managers in IT, security, development, and DevOps found that the organizations of nearly a third of the respondents (30%) were either significantly or moderately impacted by a software supply chain attack in 2021. Only 6% said the attacks had a minor impact on their software supply chain.

The survey bracketed the discovery of the vulnerability found in the Apache Log4j utility. Researchers conducted the survey from December 3 to December 30, 2021. Log4j was revealed December 9. Before that date, 55% of respondents said they had suffered a software supply chain attack. After that date, that number jumped to 65%.

XDR: Native vs. Open explained

With the advent of extended detection and response (XDR), the security analyst’s need for one complete, contextualized view into threats across the enterprise is becoming less fantasy and more reality.

XDR promises a faster and more efficient way to bring together data from a range of security tools, spot sophisticated attacks, and automate response actions to protect a growing number of assets within the traditional network perimeter and beyond.

And vendors are working to bolster their threat detection and response offerings to deliver on this promise. They’re doing so either by acquiring other vendors or technologies to add capabilities and drive toward single-vendor, or native, XDR platforms, or by offering open platforms and partnering for their integrations.

We’ve seen—and likely will continue to see—considerable M&A activity as vendors work to create native XDR solutions. In 2021, multiple mergers and acquisitions were driven by XDR. Notable deals include Cybereason’s July purchase of security analytics firm empow; Logpoint’s third-quarter acquisition of SecBI for its security orchestration and automated response (SOAR) and XDR technologies; and most recently, IBM’s announcement of its plans to acquire endpoint security vendor ReaQta.

However, as I mentioned earlier, not all vendors are opting to acquire their XDR capabilities. Many are choosing a vendor-agnostic approach and relying on integrations with security tools from different vendors to deliver their solutions. Let’s take a look at both approaches.

Native XDR

Native XDR solutions offer a unified suite of security tools from one vendor on a centralized management platform, which, in theory, means security teams don’t have to implement and manage integrations with technologies from other vendors. This vendor-specific approach has its advantages:

One centralized management platform to handle all threat detection and analytics processes
No need to purchase, integrate, and update technology from other providers
Redundant tools can be removed
Turnkey platform with off-the-shelf integration for faster deployment and security results

But some gotchas accompany these advantages; most notably, the requirement for significant dependence on one vendor. The customer that chooses to go with a native XDR solution will have to replace their existing tools with tools from the provider’s suite, typically a costly and complex undertaking. Additionally, the customer that favors the simplicity of an all-in-one approach may experience gaps in their threat detection and response since a single provider is unlikely to have deep security capabilities across all areas. Choosing this approach may require sacrificing efficacy if not all products in the vendor’s suite are best-of-breed. Note also that any acquisition for XDR capabilities requires that platforms be fully integrated, which takes time, and in some cases may never happen.

The downside

Vendor lock-in
The need to rip-and-replace existing security tools
Lack of third-party integration capabilities
Non-customizable solution
Incomplete integrations
Potential for gaps in protection

Open XDR

Whereas native XDR solutions require customers to purchase all components of their XDR offering from them, open solutions are designed to work with security products from other vendors. The core XDR platform provides a central management console that leverages third-party integrations, which means customers can keep the tools they have in place, and they have the flexibility to add or remove tools as their future needs dictate.

Advantages of this vendor-agnostic approach include:

Avoid vendor lock-in
Integrations with best-of-breed tools
No need to rip and replace
Flexibility to swap in or out technologies

Customers considering an open XDR solution should bear in mind that some solutions will offer more third-party integrations than others, and even the most comprehensive open solutions cannot integrate all the tools available in the market. Additionally, integration can be complex.

The downside

Vendor may not have large ecosystem for integration
Integrations can be complex to build
Integrations are not always smooth

The best approach for your business

Which approach will work best for your business? If you deploy tools from multiple vendors, you’re probably better off choosing an open platform or working with a managed security service provider to leverage those investments. If you’re leaning toward the native approach, are you willing to rip and replace what you have in your technology stack in order to lock in with a single preferred security provider? While the simplicity of this approach is attractive, it may preclude you from deploying more innovative solutions as they emerge in the market.

Understanding how an XDR vendor’s background can help you meet your organizational objectives is also important. If, for example, your organization is in a highly regulated industry with strict reporting and compliance requirements, such as healthcare or financial services, then an XDR vendor with a security information and event management (SIEM) platform will have the deep analytics capabilities and better data log collection and long-term data retention capabilities you require.

On the other hand, XDR vendors coming from the endpoint detection and response (EDR) space are likely to be weaker on analytics but stronger at providing actionable response on the endpoint. Organizations with large numbers of endpoints that need to be monitored—and potentially restored in the event of an attack—will want to partner with these vendors.

Take care to review vendor roadmaps for integration, including scale and scope. Whether a vendor is making its XDR play through acquisition or through partnerships, integration is key. If integrations are being planned, how does the vendor intend to achieve them? As I noted earlier, even if a vendor has acquired other technologies and is now positioning its platform as native, the platform will not be truly native until the vendor’s engineers have fully integrated the new technology into the platform—and stitching together different technologies is not a trivial task.

Managing a complex solution

Gartner has identified XDR as a leading security trend, noting in its 2021 Market Guide for Extended Detection and Response that by the end of 2027, the technology will be used by up to 40% of end-user organizations. And a 2021 researchandmarkets.com report predicts that by 2028, the global XDR market size will reach USD 2.06 billion, expanding at a CAGR of 19.9% from 2021 to 2028.

XDR is the future of threat detection and response, but these solutions are also complex and can be challenging to roll out. Whether you choose to go with a single vendor solution or an open platform, you will need security professionals with training, knowledge, and experience to deploy and manage the solution. If these are not in-house capabilities, you may need a partner to help you.

As you evaluate the different approaches, consider whether there is value for your organization in working with a managed security services provider (MSSP) or managed detection and response (MDR) provider. An MSSP can help you ask the right questions, identify your security gaps, and work through how you’re going to roadmap from your existing technology stack to an XDR implementation.

If your organization has the capabilities to handle day-to-day management of the solution in-house, and therefore does not plan to work with an MSSP or MDR provider, consider leveraging the expertise of a consultant or investing in a product support services retainer, so your security team has access to on-call support when troubleshooting issues such as deployment or tuning.

World-class managed services

As one of the world’s top providers of security services, including professional services, consulting, and managed services, AT&T Cybersecurity employs highly experienced and industry-certified individuals to deliver high-touch service that includes platform onboarding, initial policy tuning, training, and troubleshooting as needed. AT&T Managed XDR leverages these services to help organizations detect and respond to threats faster.
