The week in security: Keeping up with the hackers

Credit: ID 111205478 © Sergeypykhonin |

Less than a third of organisations believe they can effectively deal with a new cybersecurity threat within a month, according to new research that highlights the continued vulnerability of today’s businesses in the context of escalating cybersecurity threats.

Many of those threats are own goals, such as the revelation that an Amazon video doorbell has been broadcasting home Wi-Fi passwords without encryption.

Still other threats are internal, with hackers exploiting employees’ credentials for a range of activities – but EDR tools offer much better visibility of suspicious behaviour that can help security staff pinpoint a potential network breach much faster.

The tools are there – and new additions like AI and machine learning offer some promise – but many CSOs continue to fight an unspoken internal resistance to change that is compromising their efforts to bolster security.

Just look educational environments, where sheer complexity is making them high-value, low-risk targets for cyberattackers.

Yet, it seems, many attackers don’t have to work that hard. If you’ve been getting a lot of scam tech-support calls recently, the reason may have been found: a Trend Micro employee has, apparently, been selling customers’ details to scammers.

Speaking of scams, the use of unique user IDs by phishing websites may have provided a way for security tools to detect and block phishing attacks before they get out of hand.

Google was more focused on what’s in hand, with its App Defense Alliance bringing together a range of partners to improve the detection of malware on its phones.

Microsoft may have patched the BlueKeep vulnerability, but Windows PCs are still getting hit by the malware that the company has warned could become a conduit for the next WannaCry.

Read more: Get ready for Trump fake ransomware: ‘trump.exe’ and ‘Trump Screen of Death’

Also threatening, some say, is ‘Trump’ ransomware that leverages the US president’s likeness to demand ransom payments.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags Googleransomwaremachine learningcybersecurity threatsartificial intelligence (AI)hackers

More about AmazonGoogleMicrosoftTrend Micro

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by David Braue

Latest Videos

More videos

Blog Posts