For attackers, "credential stuffing" - using stolen usernames and passwords to log into any site for which a user reused their credentials - is the gift that keeps on giving, says security researcher Troy Hunt. Here's how organizations can mitigate the threat.
Financial services firms write off a certain level of online fraud as a cost of doing business, but these losses directly fund organized crime and help legitimize cybercrime as a career path, says Trusted Knight's Trevor Reschke, who stresses the sector must do more to combat fraud.
Never underestimate the human factor in attacks. Indeed, many of today's top attacks - from malware to phishing - require some level of interaction from victims. "They're targeting people - they're targeting the users within our businesses," says Proofpoint's Adenike Cosgrove.
Symantec says it has uncovered a cyber espionage campaign that targets telecommunications operators in Southeast Asia - as well as a defense contractor and satellite communications operator - and warns that the hacking group, dubbed Thrip, may be laying the groundwork for more destructive attacks.
In the past 12 months, there's been a blistering series of high-impact attacks that increasingly blur the lines "between statecraft and criminal organizations," says CrowdStrike's Zeki Turedi. How much of this blurring is intentional?
Email attacks continue to bite businesses, with organizations reporting not only a steady stream of ransomware, but also increasingly targeted social engineering attacks and account takeovers for cloud service users, says Barracuda's Hatem Naguib.
As the prevalence and scale of data breaches continues to increase - with attacks such as WannaCry and NotPetya having compromised entire business sectors - organizations must focus much more on preventing attacks, says Check Point's Gad Naveh.
The U.S. Department of Justice has charged a former CIA officer, 29-year-old Joshua A. Schulte, with providing 8,000 documents that describe the agency's offensive malware tools and practices to WikiLeaks, which published them in 2017 as the "Vault 7" archive.
Human resources software developer PageUp says it doesn't appear that personal data exposed in a malware attack was actually removed from its systems. But it has also found authentication error logs that recorded incorrect login attempts from before 2007.
As organizations detect more breaches, incident responders are increasingly overloaded, says Darktrace's Dave Palmer, who recommends organizations adopt strategies for "surgically interrupting the bad" while maintaining normal business processes and productivity.
Cyber extortion group Rex Mundi has been shut down following the arrest of seven suspects in France and a French national in Thailand, police say. Investigators began pursuing the group last year after it stole customer data from a British firm and demanded $770,000 to not publicly release it.
Incident response challenge: How to deliver actionable information to security analysts to enable them to better triage? "The quicker you can detect and respond to an incident, the more you're likely to be able to contain and minimize the risk associate with it," says IBM's Mike Spradbery.
Quantum computing, blockchain, crypto, internet of things: There's a lot of hype around these technology areas, says Jon Geater, CTO of Thales e-Security. So it's essential to pierce the hype and see what's useful and applicable for practitioners.