Pub Date : 2023-02-01DOI: 10.12968/s1361-3723(23)70010-9
Tim Wallen
{"title":"The year of the business-driven CISO","authors":"Tim Wallen","doi":"10.12968/s1361-3723(23)70010-9","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70010-9","url":null,"abstract":"","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"20 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75476184","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-01DOI: 10.12968/s1361-3723(23)70009-2
Rani Osnat
The cloud native application protection platform (CNAPP) is a response to growing threats against cloud-native architectures. But it's not a simple matter of picking an off-the-shelf solution. Organisations looking to reap the benefits of cloud-native applications need to carefully consider their security requirements too.
{"title":"Rethinking security with cloud native in mind","authors":"Rani Osnat","doi":"10.12968/s1361-3723(23)70009-2","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70009-2","url":null,"abstract":"The cloud native application protection platform (CNAPP) is a response to growing threats against cloud-native architectures. But it's not a simple matter of picking an off-the-shelf solution. Organisations looking to reap the benefits of cloud-native applications need to carefully consider their security requirements too.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"42 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80324381","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-01DOI: 10.12968/s1361-3723(23)70008-0
Helen Masters
The threats facing organisations go beyond the cyber realm. We're heading into a tough economic climate and organisations must overcome a range of challenges. This could lead to cyber security slipping down the list of priorities. But this is no time to drop your guard. The fact is, in this environment you can't afford a cyber security incident.
{"title":"How secure is your organisation?","authors":"Helen Masters","doi":"10.12968/s1361-3723(23)70008-0","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70008-0","url":null,"abstract":"The threats facing organisations go beyond the cyber realm. We're heading into a tough economic climate and organisations must overcome a range of challenges. This could lead to cyber security slipping down the list of priorities. But this is no time to drop your guard. The fact is, in this environment you can't afford a cyber security incident.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"22 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91038875","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-02-01DOI: 10.12968/s1361-3723(23)70007-9
Jahnavi Sivaram, Jigisha M Narrain, Prasad B. Honnavalli, Sivaraman Eswaran
The rise in frequency and consequence of cybercrimes enabled by artificial intelligence (AI) has been a cause of concern for decades. At the same time, we've seen the development of defensive capabilities. This article examines the mechanics of AI-enabled attacks. These include voice mimicking used for crime, and natural processing algorithms absorbing harmful and offensive human text patterns to create problematic virtual situations. It also looks at shadow models – evasion, infiltration and manipulation of machine-learning models through shadow modelling techniques are on the rise due to their straightforward development methods, allowing the identification of shortcomings in input features, which can cause misclassification by the model. With a special focus on spam filters, their structure and evasion techniques, we look at the ways in which artificial intelligence is being utilised to cause harm, concluding with a final analysis of the Proofpoint evasion case.
{"title":"Adversarial machine learning: the rise in AI-enabled crime","authors":"Jahnavi Sivaram, Jigisha M Narrain, Prasad B. Honnavalli, Sivaraman Eswaran","doi":"10.12968/s1361-3723(23)70007-9","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70007-9","url":null,"abstract":"The rise in frequency and consequence of cybercrimes enabled by artificial intelligence (AI) has been a cause of concern for decades. At the same time, we've seen the development of defensive capabilities. This article examines the mechanics of AI-enabled attacks. These include voice mimicking used for crime, and natural processing algorithms absorbing harmful and offensive human text patterns to create problematic virtual situations. It also looks at shadow models – evasion, infiltration and manipulation of machine-learning models through shadow modelling techniques are on the rise due to their straightforward development methods, allowing the identification of shortcomings in input features, which can cause misclassification by the model. With a special focus on spam filters, their structure and evasion techniques, we look at the ways in which artificial intelligence is being utilised to cause harm, concluding with a final analysis of the Proofpoint evasion case.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"13 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83206955","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.12968/s1361-3723(23)70001-8
S. Desai
The current hybrid way of working has become a new playground for cyber criminals. Attacks of all kinds have increased as malicious actors have sought to exploit weaknesses in infrastructures that were hurriedly constructed to support remote working. The good news is that technology is rising to the challenge.
{"title":"Curbing modern cyberthreats","authors":"S. Desai","doi":"10.12968/s1361-3723(23)70001-8","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70001-8","url":null,"abstract":"The current hybrid way of working has become a new playground for cyber criminals. Attacks of all kinds have increased as malicious actors have sought to exploit weaknesses in infrastructures that were hurriedly constructed to support remote working. The good news is that technology is rising to the challenge.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"2 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85688815","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.12968/s1361-3723(23)70003-1
Ilker Kara, Ceren Korkmaz, Alihan Karatatar, M. Aydos
Forensic image analysis can be used to resolve difficult incidents, such as the increasing number of child sexual abuse cases. Although the United Nations and European Union countries are trying to fight these crimes, criminals are developing new methods to circumvent the measures taken. Sharing videos that do not contain any criminal elements and inserting child sexual abuse videos between frames is a new method that has been seen recently. This article proposes a new method to analyse the videos prepared this way. The proposed method is particularly advantageous for detecting and analysing videos that have been manipulated and embedded in different content and can be applied as a new technique.
{"title":"A forensic method for investigating manipulated video recordings","authors":"Ilker Kara, Ceren Korkmaz, Alihan Karatatar, M. Aydos","doi":"10.12968/s1361-3723(23)70003-1","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70003-1","url":null,"abstract":"Forensic image analysis can be used to resolve difficult incidents, such as the increasing number of child sexual abuse cases. Although the United Nations and European Union countries are trying to fight these crimes, criminals are developing new methods to circumvent the measures taken. Sharing videos that do not contain any criminal elements and inserting child sexual abuse videos between frames is a new method that has been seen recently. This article proposes a new method to analyse the videos prepared this way. The proposed method is particularly advantageous for detecting and analysing videos that have been manipulated and embedded in different content and can be applied as a new technique.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"58 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85486895","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.12968/s1361-3723(23)70002-x
Eric Escobar
Many of the computer systems and networks most essential to our daily lives are invisible. They manage crucial infrastructure on which society depends. And yet many of these systems are surprisingly difficult to protect. Securing industrial control system (ICS) solutions and operational technology (OT) networks requires different approaches and tools compared to most conventional technology.
{"title":"Understanding the complexities of operational technology security","authors":"Eric Escobar","doi":"10.12968/s1361-3723(23)70002-x","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70002-x","url":null,"abstract":"Many of the computer systems and networks most essential to our daily lives are invisible. They manage crucial infrastructure on which society depends. And yet many of these systems are surprisingly difficult to protect. Securing industrial control system (ICS) solutions and operational technology (OT) networks requires different approaches and tools compared to most conventional technology.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"80 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91024215","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.12968/s1361-3723(23)70004-3
Phil Robinson
A combination of economic pressures, sophisticated assaults that maximise returns and a shortage of skilled professionals now mean that businesses can expect to become increasingly vulnerable to attack as they enter 2023.
{"title":"The perfect cyber storm – security budgets, skills shortages and automated attacks","authors":"Phil Robinson","doi":"10.12968/s1361-3723(23)70004-3","DOIUrl":"https://doi.org/10.12968/s1361-3723(23)70004-3","url":null,"abstract":"A combination of economic pressures, sophisticated assaults that maximise returns and a shortage of skilled professionals now mean that businesses can expect to become increasingly vulnerable to attack as they enter 2023.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"37 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83553646","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-12-01DOI: 10.12968/s1361-3723(22)70604-5
S. Goodwin
Conti has proven to be one of the most virulent forms of ransomware. It has caused untold damage, and many organisations struggle to combat this kind of threat on their own. This is where a security partner, with an effective and experienced security operations centre (SOC), can play a key role.
{"title":"Deciphering Conti and the need for effective SOCs","authors":"S. Goodwin","doi":"10.12968/s1361-3723(22)70604-5","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70604-5","url":null,"abstract":"Conti has proven to be one of the most virulent forms of ransomware. It has caused untold damage, and many organisations struggle to combat this kind of threat on their own. This is where a security partner, with an effective and experienced security operations centre (SOC), can play a key role.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"28 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81833169","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2022-12-01DOI: 10.12968/s1361-3723(22)70606-9
Assaf Morag
The popular data practitioners’ tool, Jupyter Notebook, has become the victim of a Python-based ransomware attack for the first time. The popular open-source platform is vulnerable to misconfiguration, which could leave your servers wide open to attack.
{"title":"The threats to Jupyter Notebook","authors":"Assaf Morag","doi":"10.12968/s1361-3723(22)70606-9","DOIUrl":"https://doi.org/10.12968/s1361-3723(22)70606-9","url":null,"abstract":"The popular data practitioners’ tool, Jupyter Notebook, has become the victim of a Python-based ransomware attack for the first time. The popular open-source platform is vulnerable to misconfiguration, which could leave your servers wide open to attack.","PeriodicalId":35636,"journal":{"name":"Computer Fraud and Security","volume":"11 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89279971","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: