Goto

Collaborating Authors

help net security


BigBear.ai names Tony Barrett as President of the Cyber and Engineering Sector – Help Net Security

#artificialintelligence

… developing and deploying technical expertise and innovative solutions in artificial intelligence (AI), machine learning (ML), cyber security, …


Google Drive emerges as top app for malware downloads - Help Net Security

#artificialintelligence

Netskope published a research which found that phishing downloads saw a sharp increase of 450% over the past 12 months, fueled by attackers using search engine optimization (SEO) techniques to improve the ranking of malicious PDF files on popular search engines, including Google and Bing. The top web referrer categories contained some categories traditionally associated with malware, particularly shareware/freeware, but were dominated by more unconventional categories. The ascension of the use of search engines to deliver malware over the past 12 months provides insight into how adept some attackers have become at SEO. Malware downloads referred by search engines were predominantly malicious PDF files, including many malicious fake CAPTCHAs that redirected users to phishing, spam, scam, and malware websites. The report also found that most malware over the past 12 months was downloaded from within the same region as its victim, a growing trend that points to the increasing sophistication of cybercriminals, which more frequently stage malware to avoid geofencing filters and other traditional prevention measures. The findings reveal that attackers tend to target victims located in a specific region with malware hosted within the same region.


The role of streaming machine learning in encrypted traffic analysis - Help Net Security

#artificialintelligence

Organizations now create and move more data than at any time ever before in human history. Network traffic continues to increase, and global internet bandwidth grew by 29% in 2021, reaching 786 Tbps. In addition to record traffic volumes, 95% of traffic is now encrypted according to Google. As threat actors continue to evolve their tactics and techniques (for example, hiding attacks in encrypted traffic), securing organizations is becoming more challenging. To help address these problems, many network security and operations teams are relying more heavily on machine learning (ML) technologies to identify faults, anomalies, and threats in network traffic.


Data literacy to lead global workplaces by 2030 - Help Net Security

#artificialintelligence

This is despite most business leaders predicting an upheaval in working practices due to the rapid onset of artificial intelligence (AI). With 35% of employees surveyed reporting they had changed jobs in the last 12 months because their employer wasn't offering enough upskilling and training opportunities, there is a stark need to better upskill workforces to support the workplace transition that is already underway. The report combines insights from expert interviews with surveys from over 1,200 global C-level executives and 6,000 employees. The findings, which were largely consistent across all geographies surveyed, reveal how the rapid growth in data usage is extending enterprise aspirations for its potential and, in turn, transforming working practices. The study found that business leaders and employees alike predict that data literacy – defined as the ability to read, work with, analyze and communicate with data – will be the most in-demand skill by 2030.


Bad actors are becoming more successful at evading AI/ML technologies - Help Net Security

#artificialintelligence

Deep Instinct Threat Research team extensively monitored attack volumes and types and then extrapolated their findings to predict where the future of cybersecurity is heading, determine what motivates attackers, and most importantly, lays out the steps organizations can take now in order to protect themselves in the future. One of the most pronounced takeaways from this research on 2021 threat trends is that bad actors are becoming more successful at evading AI/ML technologies, prompting organizations to redouble efforts in the innovation race. Specific attack vectors have grown substantially, including a 170% rise in the use of Office droppers along with a 125% uptick in all threat types combined. The volume of all malware types is substantially higher versus pre-pandemic. In addition, threat actors have made a discernable shift away from older programming languages, such as C and C, in favor of newer languages, such as Python and Go.


AI can spot biometric spoofing attacks with ease - Help Net Security

#artificialintelligence

Humans have far greater difficulty identifying images of biometric spoofing attacks compared to computers performing the same task, according to research released by ID R&D. The research report finds that computers are more adept than people at accurately and quickly determining whether a photo is of an actual, live person versus a presentation attack. Fraudsters attempt to imitate real customers during processes such as creating a new bank account or logging into an existing account. Liveness detection instantly validates whether a photo, taken in real time, is of a live person. The study tested humans and machines by presenting them with the most common spoofing techniques: printed photos, videos, digital images, and 2D or 3D masks.


Use of AI to fight insurance fraud hits all-time high - Help Net Security

#artificialintelligence

Insurers' use of predictive analytics to fight fraud has reached an all-time high, according to an insurance fraud technology study by the Coalition Against Insurance Fraud and SAS. The study reveals that 80% of insurers use predictive modeling to detect fraud, up from 55% in 2018. In a category new to the 2021 survey, the study also underscores the importance of identity verification software, cited by 40% of survey respondents. Identity analytics is quickly becoming must-have technology for insurers amid an alarming spike in malicious phishing scams, up 600% since the pandemic's onset. "The shifts we've seen since the 2018 study emphasize the increasingly sophisticated technologies needed to foil insurance fraudsters' criminal exploits," said David Hartley, Director of Insurance Solutions at SAS. "Predictive modeling is up 25%. Text mining has nearly doubled, jumping from 33% to 65% in three years. These findings prove that, even as COVID-19 has fueled rampant fraud, insurers are agilely stretching their advanced analytics capabilities to counter rapidly changing threats."


Trends that will shape the security industry in 2022 - Help Net Security

#artificialintelligence

Entering 2022, the world continues to endure the pandemic. But the security industry has, no doubt, continued to shift, adapt, and develop in spite of things. Several trends have even accelerated. Beyond traditional "physical security," a host of frontiers like AI, cloud computing, IoT, and cybersecurity are being rapidly pioneered by entities big and small in our industry. By all appearances, the security industry is in a stage of redefining itself.


Sensory enables customers to control how their AI solutions are deployed - Help Net Security

#artificialintelligence

Sensory announces the beta release of SensoryCloud.ai, Leveraging Sensory's decades of experience with voice and vision AI, the SensoryCloud platform is launched with AI services such as Speech to Text, Sound Identification, Wake Word Verification, Face Verification, and Speaker Identification. Additional services and updates will be offered throughout the year. With SensoryCloud, customers are offered a cloud AI platform that puts them in full control with a focus on flexibility and accuracy. Customers get complete control of how their AI solutions are deployed and how the data is managed and accessed. SensoryCloud delivers a language- and platform-agnostic AI inference engine wrapped in a highly-developed API.


Preventing document fraud in a world built on digital trust - Help Net Security

#artificialintelligence

All digital markets are built on trust and that trust has been reduced to an algorithm driven by proof of identity, which currently remains heavily reliant on formal documents such as a passport or driving license. Anyone looking to misrepresent who they are, where they live or what they're paid would need their documentation to reflect this false version of their status. Highly automated workflows used by financial services are particularly vulnerable to this type of manipulation. Bank statements that are used to support lending applications, "know your customer" (KYC) procedures and other identity-driven financial purposes worldwide are regularly tampered with. In addition, "know your user" (KYU) processes, which include merchants, fintech companies and the B2B ecosystem, among others, are also subject to fraud.