Category: Jeff Lanza’s Blog

Full Podcast Available Here:

https://overcast.fm/+PVWwxB-iI

The US Military prides itself on being one of the most powerful militaries on the face of the earth.  The best trained, the best equipped with the latest wartech.

https://mashable.com/article/adobe-creative-cloud-accounts-exposed/

Graphic designers, video editors, and other creatives beware: Nearly 7.5 million Adobe Creative Cloud accounts were exposed to the public.

The database containing the sensitive user info, discovered by security researcher Bob Diachenko and Comparitech, was accessible to anyone through a web browser.

The exposed user data for the nearly 7.5 million accounts included email addresses, the Adobe products they subscribed to, account creation date, subscription and payment status, local timezone, member ID, time of last login, and whether they were an Adobe employee.

While no passwords or financial information such as credit card numbers were exposed, the data is sensitive enough to cause real problems for Creative Cloud users.

It’s easy to see how a bad actor could use this data to create highly targeted and convincing phishing campaigns.

Adobe Creative Cloud includes industry standard software and some of the most popular apps for creatives such as Photoshop, Premiere, Illustrator, After Effects, InDesign, and more.

According to Comparitech, Diachenko immediately reached out to Adobe upon discovering the open database on Oct. 19. Adobe addressed the issue immediately and secured the database on the same day.

Diachenko believes the data was left exposed for about a week, however it’s unclear when the database first became publicly accessible or if there was any unauthorized access.

Adobe was last hit with a major data leak in 2013 when a hacker gained access to 38 million customers’ usernames, encrypted passwords, and credit card info.

Creative Cloud customers should be wary of any suspicious emails they receive claiming to be from the company.

Mashable has reached out to Adobe and will update this post when we hear back.

UPDATE: Oct. 25, 2019, 5:05 p.m. EDT Adobe reached out to Mashable to share the following statement posted to its website:

At Adobe, we believe transparency with our customers is important. As such, we wanted to share a security update.

Late last week, Adobe became aware of a vulnerability related to work on one of our prototype environments. We promptly shut down the misconfigured environment, addressing the vulnerability.

The environment contained Creative Cloud customer information, including e-mail addresses, but did not include any passwords or financial information. This issue was not connected to, nor did it affect, the operation of any Adobe core products or services.

We are reviewing our development processes to help prevent a similar issue occurring in the future.

https://www.cisomag.com/autonomous-cyber-defense/

As the near-constant stream of high-profile attacks suggests, the cyber-threat landscape is rapidly evolving with no sign of slowing. Cyber-attackers are not only moving faster, they are adding new and innovative tools within their toolkits. And as the entire world turns online, we are moving towards a future where cyber-threats increasingly threaten the safety of not just our data, but of our physical infrastructure too.

Sifting through the recent data breaches, certain trends emerge for how attacks are set to evolve in the future. Most notably, we’ve entered a critical era where the use of offensive AI by sophisticated threat-actors is nearer than ever. Whilst Cyber AI has, for the past several years, transformed how security teams identify and fight back against threats, we soon expect to see AI on the other side – attackers adopting the technology for nefarious uses.

Indeed, even beyond cybersecurity, AI is lowering barriers to entry and empowering organizations around the world to deliver services at a previously inaccessible scale and speed. Unfortunately, this same power is proving attractive to cyber-attackers. At Darktrace, we have seen the early signs of threat-actors using AI – whether it’s to supercharge spoofing emails or to create advanced malware that adopts its behavior to blend into the background noise of the network.

Take for example, the creation of spoof emails. By using AI, an attacker would be able to generate communication that for the average person, is virtually indistinguishable from genuine correspondence. And by leveraging the speed and scale made possible with AI, it would only take 2 attackers to create code that could generate 2 million emails a day with an 85% success rate – ultimately, making attacks significantly more profitable.  

Attacks on infrastructure

But AI attacks won’t just target emails and corporate networks. There is a more worrying type of attack on the horizon – the sabotage of critical infrastructure. Advanced threat-actors are turning away from just simple data theft and look instead to cause mass disruption. And as cities and nations trend towards ‘smart city’ infrastructure, the attack surface has grown exponentially – meaning that the risk has never been higher. Attackers can use AI to bypass traditional security tools and slowly and subtly cause instrumental damage to the operations of the infrastructure – all whilst going undetected.

These attacks have the potential to compromise our most critical infrastructure by turning off the lights, disrupting transport systems, and ultimately threatening public safety. The past year has shown us that geopolitical tensions are beginning to be played out in cyberspace. Nation states will have to be on high alert to protect their energy grids, manufacturing plants, and airports from sophisticated cyber-threats.

In fact, just last week, during the fourth Singapore International Cyber Week (SICW), the Operational Technology (OT) Cybersecurity Masterplan was unveiled, to enhance the security and resilience of Singapore’s critical infrastructure. A world-leading country in innovation and technology, this move by Singapore demonstrates the significance of the risk of cyber-threat to national critical infrastructure – and will no doubt set the trend for other Asia Pacific countries to follow suit, making cyber defense for critical infrastructure a priority.

Autonomous Cyber AI

Ultimately, the future almost certainly holds the reality of AI-driven cyber-attacks, where malware will have the ability to self-propagate via a series of autonomous decisions and intelligently tailor itself to the parameters of the infected system in order to become stealthier to evade detection. Organizations need to be readying themselves for what is fast becoming a cyber arms race.

Our brave new world seems to be one where algorithms will fight algorithms on the battleground of corporate networks. And only those with the best AI will win. But the fact is, there is no silver bullet for cybersecurity. While many boards are waking up to the reality that cyber-attacks are imminent, action is needed to prevent attacks from doing harm once the threat is already inside. Organizations need to shift their focus from post-breach response to early detection and autonomous response, which will generate a far more positive outcome for their organization and their stakeholders.

Autonomous Cyber AI is revolutionizing cyber defense and may prove to be our best line of defense against future AI attacks. Acting as a cyber ‘immune system’ for the digital enterprise, this AI is capable of learning what is ‘normal’ and ‘abnormal’ for the digital business on an evolving basis, without relying on prior knowledge of threats. Stepping in as the machine defender, this technology can not only identify never-before-seen threats, but also autonomously respond to isolate the attack before it does damage.

Ultimately, digital transformation is happening at such a pace that AI, especially in the area of cybersecurity, is being recognized as a ‘must-have’ in enabling companies to stay ahead of unpredictable threats. And once attackers turn to AI to supercharge their methods, cyber AI will be our most fundamental ally.

Indeed, more than 3,000 organizations around the world have turned to cyber AI as their most crucial weapon in the fight against the threats that no one can predict – the threat that slips through perimeter defenses, or the threat that is already inside.

Humans alone cannot detect the subtle, unusual behaviors indicative of today’s stealthy attacker, or at least, not before it is too late – networks are simply too big and too complex. And in an age where we’ll soon see machines fighting machines, far outpacing human security teams’ ability to keep up, arming up with cyber AI will be crucial to staying one step ahead of an ever-evolving adversary.

CISO MAG does not evaluate the advertised product, service, or company, nor endorse any of the claims made by the advertisement. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.