Simpson, CISO, Armis
Voice Deepfakes will
become the new phishing bait: C-level executives, politicians and other
high-profile individuals are already high-risk targets for standard email
phishing attacks given their level of access and financial decision making
within their organization. With advancements in the deepfake voice technology,
I expect a rise of voice phishing schemes in 2020 in which employees are
tricked into sending money to scammers or revealing sensitive information after
getting voice messages and calls that sound like they are from the CFO or other
executives. We’ve already seen one fraudulent bank transfer convert to $243,000
for criminals. Given how hard it is to identify these deepfakes compared to
standard phishing attacks, I expect these operations will become the norm in
the new year.
Kirner, CTO & founder, Illumio
We’ll start to hear
more about the convergence of physical infiltration with cyberattacks,
challenging security across the board. Cyberattacks on an enterprise or a
government can be carried out remotely but, in 2019, we started hearing more
about the physical element added to the mix. It doesn’t take sophisticated
software or intelligence operations to execute these attacks – a well-planned,
staged scenario is all it takes. For instance, someone could pose as an
electrician to gain physical access to a hospital being built, walking around
unimpeded until they find an unprotected device to access the network. I
believe we’ll see more of these high-profile, hybrid cyber-physical attacks in
Matt Ulery, chief product officer, SecureAuth
Get ready for SMS attacks to go mainstream. We adopted two-factor authentication with little hesitation: get a text on your phone with the one-time authentication code, enter it in after entering your password and gain access to your account. Most consumers haven’t had an issue with an extra step for a little peace of mind. The problem is that second-factor methods can now be easily defeated by your average hacker.
overrides have become a common and intensifying threat over the past year, and
they’ll only become more prominent in 2020. This type of attack will come in
three main forms: SIM swap, IMSI factors and SS7 hacks.
intercepting SMS messages and voice calls to eavesdropping and location tracking,
these types of attacks highlight the weakness of relying on two-factor
authentication to protect our identities. Businesses and organizations —
especially those handling and storing customer data — have an obligation to
look towards more advanced, adaptive approaches to securely verify their users
by utilizing verification factors like location, time of day, behavior and IP
addresses. It’s no longer safe to assume a six-digit code sent to your phone
will protect your identity.”
Morrison, CEO, CoreView
Office 365-specific security issues will finally get the attention they
deserve: Office 365 is a major target for IP theft, data leakage, credential
cracking, and O365-specific attacks because that’s where a big bulk of sensitive,
enterprise data is. Yet, O365 security issues often don’t get the attention
they deserve. In 2020 and beyond, IT should expect new O365 phishing and
malware attacks, as well as modified versions of KnockKnock and ShurtLOckr, two
attacks that focus on Office 365 that have been active since May 2017—and are
Mark Sangster, vice president and industry security strategist, eSentire
Company microtargeting with industry-specific tools will rise. Throughout 2019, eSentire has observed numerous instances of mid-sized organizations being targeted using tools specific to their industry, and this approach will continue into 2020. Phishing emails related to common industry tools or masquerading as trusted sources will be a common attack vector for stealing credentials and sensitive information. For example, phishing lures unique to the legal industry will use avenues, including cloud services, from vendors such as Adobe, to access to stores of sensitive information and credit vendors, like American Express, to gain short-term access to personal and/or company credit accounts. Access to personal or organization emails can lead to the theft of sensitive information. It can also aid attackers in crafting more familiar and friendly-looking lures for spear (targeted) phishing. As this trend towards microtargeting continues, organizations need to ensure they have technical controls in place to detect these threats and also ensure they have a robust security education program in place for their employees.
Recovery-as-a-Service (DRaaS) is now mainstream, with large organizations
adopting DRaaS at the highest rates. However, expect in 2020 to see the
adoption of DRaaS by small and mid-sized organizations to drastically increase
as organizations discover that not all DRaaS services require their IT
departments to become experts in hyper-scale clouds. As a result, SMBs will
outsource DRaaS to experts at a fixed price and with little requirement for
their time or technical overview.
Lemos, VP of research and intelligence, BlackBerry Cylance
state-sponsored cyber groups are the new proxy for international relations. Cyber
espionage has been going on since the introduction of the internet, with
Russia, China, Iran and North Korea seen as major players. In 2020, we will see
a new set of countries using the same tactics, techniques, and procedures
(TTPs) as these superpowers against rivals both inside and outside national
borders. Mobile cyber espionage will also become a more common threat vector as
mobile users are significant attack vector for organizations that allow
employees to use personal devices on company networks. We will see threat
actors perform cross-platform campaigns that leverage both mobile and traditional
desktop malware. Recent research discovered nation-state based mobile cyber
espionage activity across the Big 4, as well as in Vietnam and there’s likely
going to be more attacks coming in the future. This will create more complexity
for governments and enterprises as they try to attribute these attacks, with
more actors and more endpoints in play at larger scale.
Banga, CEO and founder, Balbix
The accepted definition of a vulnerability will broaden. Typically associated
with flaws in software that must be patched, infosec leaders will redefine the
term to anything that is open to attack or damage. The impact will be
systematic processes, similar to those commonly applied to patching, extended
to weak or shared passwords, phishing and social engineering, risk of physical
theft, third party vendor risk, and more.
Howard, VP of federal, Nutanix
In 2020, we expect
to see federal agencies to increasingly differentiate their IT consumption
models. For example, I expect to see a movement of IT infrastructure to managed
service offerings in hosted data centers in order to take advantage of the
solutions that MSPs provide. In doing so, they will also be taking some of the
work off of their plate. This will not only allow agencies to access better connectivity,
but it will also address some of the same benefits that agencies look for when
moving to the public cloud, like agility and the ability to move away from
managing physical infrastructure, but with added security controls.
Summers, VP and CTO, Akamai
advertising ecosystem will be the next top target as a new class of attacks
emerges – As consumer experience becomes more important — and elaborate —
advertisers harvesting troves of customer data will find themselves susceptible
to a new wave of attacks from cybercriminals. Hoping to capitalize on the data
possessed by agencies, adversaries will increasingly go after the ad delivery
process, compromising the countless amount of customer data stored. In the
coming year, we can expect digital advertisers to amp up security efforts to
combat this, yet we can also expect to see more consumers opting-out of
experiences that require data collection.
Beuchelt, CISO, LogMeIn
The use of and
evolution of biometrics. Decentralized, device-managed biometrics will continue
to rise as a convenient way to authenticate users. Biometric data stored
locally on the user device is best for security and eliminates the privacy
risk. These biometrics are good because they make life easier for people to
authenticate with devices in their possession and don’t pose a further security
risk because that info isn’t online and never leaves the system.
biometric databases will continue to be promoted (and in some cases forced) by
governments, but we’ll continue to see pushback from civil society.
i.e. having one giant database, is not good biometrics because a lot of
sensitive personal information is in one location and invites abuse. People are
understanding this and some citizens in Europe and the U.S. are pushing back
against centralized databases.
In terms of
voluntary centralized databases, there is going to be some form of material
abuse of the type of info people are sharing so freely (i.e. if 23 and Me is
hacked), creating a privacy nightmare. That nightmare is just waiting to happen,
whether through a hack, breach or government subpoena.
Published at Sat, 28 Dec 2019 14:00:35 +0000
Coinbase Custody selected by 21Shares for Bitcoin ETP
Today we’re proud to announce that 21Shares AG has chosen Coinbase Custody to store its digital assets for its Bitcoin ETP. 21Shares AG is listing its 21Shares Bitcoin ETP (ISIN: CH0454664001 — WKN A2T64E) on the Deutsche Börse’s Xetra electronic venue on Thursday July 2nd 2020. Coinbase Custody will serve as custodian for the underlying assets of their Bitcoin ETP.
21Shares selected Coinbase Custody after reviewing our institutional-grade offline storage solution, which includes world-class security, regulatory compliance and insurance coverage. Coinbase is committed to serving a wide spectrum of institutional clients and we are excited to be the chosen custodian for the 21Shares Bitcoin ETP, Europe’s first physically-backed bitcoin ETP.
Hany Rashwan, CEO at 21Shares AG, says, “21Shares is delighted to bring this historic product to Europe. We are honored to give investors access to the best performing asset class of the last decade and we believe the next ten years as well, through our simple, transparent, and regulated crypto ETP product suite.”
Coinbase Custody is the world’s largest and most trusted crypto custodian. To learn more about Coinbase Custody click here.
Compound (COMP) is now available on Coinbase Earn
Earn COMP while learning how to borrow crypto and earn interest with Compound
Coinbase’s mission is to create an open financial system, where anyone in the world can participate on equal terms from their computer or smartphone. To bring this vision to life, we’ll need to make blockchain technology more accessible, both in the sense of making cryptocurrencies easier to obtain and easier to understand.
Coinbase Earn is a trusted source where customers all around the world can educate themselves about new developments in crypto and earn assets as rewards. Starting today, Coinbase customers can start earning Compound (COMP) by watching lessons and completing quizzes about the Compound protocol and its governance token COMP.
Compound (COMP) is an Ethereum token that governs the autonomous Compound protocol. The protocol allows anyone to borrow and lend Ethereum tokens through a decentralized market. Lenders earn interest on the crypto they supply to the protocol and borrowers pay interest to borrow it.
The ability to earn crypto assets has become an increasingly important function in the crypto ecosystem — alongside buying, staking, voting, and mining — especially when paired with education.
Since the launch of Coinbase Earn in 2018, we’ve announced nine different assets, including 0x, Basic Attention Token, Zcash, Stellar Lumens, EOS, Dai, Tezos, Orchid and now Compound. In less than a year, asset issuers offered over $100M in crypto to distribute to our customers, and we have launched Earn internationally. As we expand globally, millions of people are gaining access to a trusted, secure, and legal bridge to the crypto economy — even if they don’t have a credit card or bank account with which to buy crypto.
Check out all Coinbase Earn campaigns through our homepage or access them directly through the Coinbase mobile app.
Coinbase receives a servicing fee from the participating asset issuer. Consideration for Coinbase Earn is wholly independent of our digital asset framework for new listings. Click here for our Earn FAQ and terms.
Compound (COMP) is now available on Coinbase
Starting today, Coinbase supports Compound (COMP) at Coinbase.com and in the Coinbase Android and iOS apps. Coinbase customers can now buy, sell, convert, send, receive, or store COMP. COMP will be available for customers in all Coinbase-supported regions, with the exception of New York state.
Compound (COMP) is an Ethereum token that governs the Compound protocol. The protocol allows anyone to supply or borrow Ethereum tokens through a decentralized market. Suppliers earn interest on the crypto they supply to the protocol and borrowers pay interest to borrow it.
One of the most common requests we hear from customers is to be able to buy and sell more cryptocurrencies on Coinbase. We published a process for listing assets, designed in part to accelerate the addition of more cryptocurrencies. We are also investing in new tools to help people understand and explore cryptocurrencies. We launched informational asset pages (see COMP here), as well as a new section of the Coinbase website to answer common questions about crypto.
You can sign up for a Coinbase account here to buy, sell, convert, send, receive, or store COMP today.
Coinbase owns COMP tokens as a result of a 2018 investment in Compound. Coinbase intends to maintain its investment in Compound for the foreseeable future and maintains internal policies that address the timing of permissible disposition of its digital assets, including COMP tokens.
The Nebulas blockchain project releases plans for a massive DeFi ecosystem!
Bitcoin, Ethereum lose August’s first round to small-caps
‘Hitman III’ VR Clip Confirms PS Move Support, Reveals Impressive Level of Detail
Psychic VR Lab Opens Applications for NEWVIEW Awards 2020
Bitcoin Cash, Tron, Synthetix Price Analysis: 13 August
IEA sees lower oil demand in 2020, 2021 on upsurge of coronavirus cases and stalling mobility
Coronavirus live updates: China says chicken imported from Brazil tests positive for virus; relief talks at a standstill
What a touch-free airplane bathroom is going to look like
‘Vox Machinae’ Quietly Added New Mechs, Weapons, & Co-op in Updates, Studio Has “Ambitious plans” for the Future
Can comedy normalize cannabis use?
Gold’s Sharp Rebound After Rout Hints Bitcoin En Route to $12K
Pompeo says Trump’s executive orders are ‘broader’ than just TikTok and WeChat, hinting at more action
Down to the Wire: Yam Finance Saved at the Last Minute
Boom! Kraken Predicts Imminent Bitcoin Price Rally of Up to 200%
Global P2P Bitcoin Trading Volume at Highest Point Since Jan. 2018
Tron’s BitTorrent Network Reaches 2 Billion Downloads
Stock futures edge lower after S&P 500 closes just under a record
CoinList Exchange Struggles, but NEAR Disaster Averted
3 charts show China is far from meeting its ‘phase one’ trade commitment to the U.S.
Five Hours to Failure: The ‘Save Yam’ Proposal Is Falling Short
Latin America will see ‘record-breaking contraction’ as the coronavirus shatters their economies, Goldman says
Analyst Who Called Bitcoin’s Tuesday Low Expects a Move to $13,000
Depression-like collapse is sparking a wartime-type boom, market bull Jim Paulsen predicts
Kamala Harris blames Trump for severity of U.S. coronavirus outbreak: He failed to take it ‘seriously from the start’
2021 Hyundai Elantra N Line picks up where Elantra Sport, GT N Line leave off
New Jersey Medical Cannabis Patients Can Now Use Telehealth
Accuracy of U.S. coronavirus data thrown into question as decline in testing skews drop in new cases
Bitcoin Could Retrace to $9,000 if it Breaks Below This One Key Level
Amazon Textract now available in Asia Pacific (Mumbai) and EU (Frankfurt) Regions
Walt Disney World actors to return to work after company offers coronavirus tests
Uber CEO says its service will probably shut down temporarily in California if it’s forced to classify drivers as employees
Litecoin, VeChain, Algorand Price Analysis: 12 August
Can Marijuana Really Cause A Person To Become Aggressive?
Stocks making the biggest moves after hours: Lyft, Cisco, Vroom & more
Meet Tucson, a stray dog who became Prime Hyundai’s newest car consultant
Trump And GOP Already Attacking Kamala Harris Over Marijuana Record
Cisco falls on disappointing quarterly guidance as revenue continues to drop
Lyft may suspend service in California if court requires it to classify drivers as employees
Is Chainlink riding the DeFi bubble?
$61M Worth of Drugs Discovered in Shipping Containers Filled With Cacti, Limes
Gaming6 days ago
Server status – Is Fall Guys down?
Esports1 week ago
The best loadouts for the ISO in Call of Duty: Warzone and Modern Warfare
AI1 week ago
How to Purchase a Future Tech Company
Esports6 days ago
Stuck on loading screen error in Fall Guys explained
AI7 days ago
AI Machine Learning Efforts Encounter A Carbon Footprint Blemish
AR/VR1 week ago
Extended Reality- Immersive Experience
AI1 week ago
Playstation Assist- Sony’s brand new smart assistant
Automotive1 week ago
What did you do during lockdown? Right, you were playing ‘Grand Theft Auto’