Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label SaaS Apps. Show all posts
SaaS Apps
BEC Attacks Cyber Attacks Cybersecurity Generative AI SaaS Apps

AI Might Be Paving The Way For Cyber Attacks

 


In a recent eye-opening report from cybersecurity experts at Perception Point, a major spike in sneaky online attacks has been uncovered. These attacks, called Business Email Compromise (BEC), zoomed up by a whopping 1,760% in 2023. The bad actors behind these attacks are using fancy tech called generative AI (GenAI) to craft tricky emails that pretend to be from big-shot companies and bosses. These fake messages trick people into giving away important information or even money, putting both companies and people at serious risk.

The report highlights a dramatic escalation in BEC attacks, from a mere 1% of cyber threats in 2022 to a concerning 18.6% in 2023. Cybercriminals now employ sophisticated emails crafted through generative AI, impersonating reputable companies and executives. This deceptive tactic dupes unsuspecting victims into surrendering sensitive data or funds, posing a significant threat to organisational security and financial stability.

Exploiting the capabilities of AI technology, cybercriminals have embraced GenAI to orchestrate intricate and deceptive attacks. BEC attacks have become a hallmark of this technological advancement, presenting a formidable challenge to cybersecurity experts worldwide.

Beyond BEC attacks, the report sheds light on emerging threat vectors employed by cybercriminals to bypass traditional security measures. Malicious QR codes, known as “quishing,” have seen a considerable uptick, comprising 2.7% of all phishing attacks. Attackers exploit users’ trust in these seemingly innocuous symbols by leveraging QR codes to conceal malicious sites.

Additionally, the report reveals a concerning trend known as “two-step phishing,” witnessing a 175% surge in 2023. This tactic capitalises on legitimate services and websites to evade detection, exploiting the credibility of well-known domains. Cybercriminals circumvent conventional security protocols with alarming efficacy by directing users to a genuine site before redirecting them to a malicious counterpart.

The urgent need for enhanced security measures cannot be emphasised more as cyber threats evolve in sophistication and scale. Organisations must prioritise advanced security solutions to safeguard their digital assets. With one in every five emails deemed illegitimate and phishing attacks comprising over 70% of all threats, the imperative for robust email security measures has never been clearer.

Moreover, the widespread adoption of web-based productivity tools and Software-as-a-Service (SaaS) applications has expanded the attack surface, necessitating comprehensive browser security and data governance strategies. Addressing vulnerabilities within these digital ecosystems is paramount to mitigating the risk of data breaches and financial loss.

Perception Point’s Annual Report highlights the urgent need for proactive cybersecurity measures in the face of evolving cyber threats. As cybercriminals leverage technological advancements to perpetrate increasingly sophisticated attacks, organisations must remain vigilant and implement robust security protocols to safeguard against potential breaches. By embracing innovative solutions and adopting a proactive stance towards cybersecurity, businesses can bolster their defences and protect against the growing menace of BEC attacks and other malicious activities. Stay informed, stay secure.


Read more »
SaaS Apps
Artifcial Intelligence Cyber Phishing Cyber Security Cyber Threats malware SaaS Apps

How To Combat Cyber Threats In The Era Of AI





In a world dominated by technology, the role of artificial intelligence (AI) in shaping the future of cybersecurity cannot be overstated. AI, a technology capable of learning, adapting, and predicting, has become a crucial player in defending against cyber threats faced by businesses and governments.

The Initial Stage 

At the turn of the millennium, cyber threats aimed at creating chaos and notoriety were rampant. Organisations relied on basic security measures, including antivirus software and firewalls. During this time, AI emerged as a valuable tool, demonstrating its ability to identify and quarantine suspicious messages in the face of surging spam emails.

A Turning Point (2010–2020)

The structure shifted with the rise of SaaS applications, cloud computing, and BYOD policies, expanding the attack surface for cyber threats. Notable incidents like the Stuxnet worm and high-profile breaches at Target and Sony Pictures highlighted the need for advanced defences. AI became indispensable during this phase, with innovations like Cylance integrating machine-learning models to enhance defence mechanisms against complex attacks.

The Current Reality (2020–Present)

In today's world, how we work has evolved, leading to a hyperconnected IT environment. The attack surface has expanded further, challenging traditional security perimeters. Notably, AI has transitioned from being solely a defensive tool to being wielded by adversaries and defenders. This dual nature of AI introduces new challenges in the cybersecurity realm.

New Threats 

As AI evolves, new threats emerge, showcasing the innovation of threat actors. AI-generated phishing campaigns, AI-assisted target identification, and AI-driven behaviour analysis are becoming prevalent. Attackers now leverage machine learning to efficiently identify high-value targets, and AI-powered malware can mimic normal user behaviours to evade detection.

The Dual Role of AI

The evolving narrative in cybersecurity paints AI as both a shield and a spear. While it empowers defenders to anticipate and counter sophisticated threats, it also introduces complexities. Defenders must adapt to AI's dual nature, acclimatising to innovation to assimilate the intricacies of modern cybersecurity.

What's the Future Like?

As cybersecurity continues to evolve in how we leverage technology, organisations must remain vigilant. The promise lies in generative AI becoming a powerful tool for defenders, offering a new perspective to counter the threats of tomorrow. Adopting the changing landscape of AI-driven cybersecurity is essential to remain ahead in the field.

The intersection of AI and cybersecurity is reshaping how we protect our digital assets. From the early days of combating spam to the current era of dual-use AI, the journey has been transformative. As we journey through the future, the promise of AI as a powerful ally in the fight against cyber threats offers hope for a more secure digital culture. 


Read more »
Security Vendors
Application Security Cyber Security Data Safety Illegal Apps SaaS Apps Security Vendors

Dangers of Adopting Unsanctioned SaaS Applications

 

A sleek little app-store sidebar was silently introduced to the right side of your session screen by the most recent programme update, as you might have seen on your most recent Zoom calls. With the touch of a button and without even pausing their Zoom session, this feature enables any business user inside your company to connect the software-as-a-service (SaaS) apps displayed in the sidebar.

The fact that anyone within an organisation can deploy, administer, and manage SaaS applications emphasises both one of the major strengths and security threats associated with SaaS. Although this technique could be quick and simple for business enablement, it also intentionally avoids any internal security review procedures. 

As a result, your security team is unable to identify which applications are being adopted and used, as well as whether or not they may be vulnerable to security threats, whether or not they are being used securely, or how to put security barriers in place to prevent unauthorised access to them. Zero-trust security principles become nearly hard to enforce. 

Joint Obligation 

Companies need to understand that they are continually being urged by vendors to install additional apps and adopt new features before they reprimand their staff for recklessly utilising SaaS applications. Indeed, the applications themselves frequently meet crucial business demands, and sure, employees naturally want to use them right away without waiting for a drawn-out security evaluation. But, whether they are aware of it or not, they are acting in this way because shrewd application providers are actively marketing to them and frequently tricking users into thinking they are adhering to security best practices. Users are not always reading the consent text displayed on the consent screens that are intended to give users pause during installation and nudge them to read about their rights and obligations. 

Always be cautious

In other circumstances, security is frequently presumed. Consider well-known brands' application markets. Vendors do not have the motivation, financial interest, or capacity to assess the security posture of every third-party application sold on their marketplaces. Yet, in order to promote the business, they may mislead users into believing that anything sold there retains the same level of protection as the marketplace vendor, frequently by omission. Similarly, market descriptions may be worded in such a way as to imply that their application was developed in partnership with or approved by a significant, secure brand.

The use of application marketplaces results in third-party integrations that pose the same vulnerabilities as those that led to numerous recent assaults. During the April 2022 GitHub assault campaign, attackers were able to steal and exploit legitimate Heroku and Travis-CI OAuth tokens issued to well-known suppliers. According to GitHub, the attackers were able to steal data from dozens of GitHub customers and private repositories by using the trust and high access offered to reputable vendors. 

Similarly, CircleCI, a provider focusing in CI/CD and DevOps technologies, reported in December 2022 that some customer data was stolen in a data breach. The investigation was sparked by a hacked GitHub OAuth token. According to the CircleCI team's research, the attackers were able to obtain a valid session token from a CircleCI engineer, allowing them to bypass the two-factor authentication mechanism and gain unauthorised access to production systems. They were able to steal consumer variables, tokens, and keys as a result. 

An Attraction to Frictionless Adoption 

Vendors also design their platforms and incentive plans to make adoption as simple as accepting a free trial, a lifetime free service tier, or swiping a credit card, frequently with alluring discounts to try and buy without commitment. Vendors want users to adopt any exciting, new capability immediately, so they remove all barriers to adoption, including going around ongoing IT and security team reviews. It is hoped that an application will prove to be too well-liked by business users and crucial to corporate operations to be removed, even if security personnel become aware of its use. 

Making adoption too simple, however, can also result in a rise in the number of underutilised, abandoned, and exposed apps. An app can frequently continue to function after it has been rejected during a proof of concept (PoC), abandoned because users have lost interest in it, or the app owner has left the company. This results in an expanded and unprotected attack surface that puts the organisation and its data at greater risk.

While educating business users on SaaS security best practises is important, it's even more crucial to prevent SaaS sprawl by teaching them to think more critically about the seductive promises of quick deployment and financial incentives made by SaaS suppliers.

Additionally, security teams ought to use solutions that can help them manage risks associated with SaaS misconfiguration and SaaS-to-SaaS integrations. These technologies allow customers to continue utilising SaaS applications as required while also conducting security due diligence on new vendors and integrations and setting up crucial security barriers.
Read more »
Subscribe to: Posts (Atom)