News

10/24/2018
12:05 PM
Steve Zurier
Steve Zurier
Slideshows
Connect Directly
Twitter
RSS
E-Mail

8 Threats That Could Sink Your Company

Security researchers warn of both new and re-emerging threats that can cause serious harm.
8 of 9

7. Business-Process Exploits
As companies undergo digital transformation and automate processes with artificial intelligence and machine learning, new technical and systemic vulnerabilities will emerge, ready to be exploited, says Ed Cabrera, chief cybersecurity officer at Trend Micro. For example, as companies continue to automate, process vulnerabilities around the supply chain will free up opportunities for cybercriminals to make large sums of money, he says. In many ways, the same players, such as nation-state groups and cybercriminal organizations, will be the culprits, but the context will change, Cabrera adds. As legitimate businesses gain access to automated tools, so will the bad guys. Cabrera warns that attackers will continue to innovate, automate, and build more capacity as they collaborate in cybercriminal undergrounds.
Image Source: Pixabay

7. Business-Process Exploits

As companies undergo digital transformation and automate processes with artificial intelligence and machine learning, new technical and systemic vulnerabilities will emerge, ready to be exploited, says Ed Cabrera, chief cybersecurity officer at Trend Micro. For example, as companies continue to automate, process vulnerabilities around the supply chain will free up opportunities for cybercriminals to make large sums of money, he says. In many ways, the same players, such as nation-state groups and cybercriminal organizations, will be the culprits, but the context will change, Cabrera adds. As legitimate businesses gain access to automated tools, so will the bad guys. Cabrera warns that attackers will continue to innovate, automate, and build more capacity as they collaborate in cybercriminal undergrounds.

Image Source: Pixabay

8 of 9
Comment  | 
Print  | 
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
10/29/2018 | 9:24:05 PM
XSS & SMCI
XSS attacks have long been popular, so it only makes sense that Layer 7 attacks are on the rise.

As for supply-chain attacks? Well, just ask Supermicro. Even the allegation based on anonymous sourcing is enough to sink your company's stock!
MichelleWade
50%
50%
MichelleWade,
User Rank: Apprentice
10/28/2018 | 11:34:57 PM
great
great
'PowerSnitch' Hacks Androids via Power Banks
Kelly Jackson Higgins, Executive Editor at Dark Reading,  12/8/2018
The Case for a Human Security Officer
Ira Winkler, CISSP, President, Secure Mentem,  12/5/2018
Windows 10 Security Questions Prove Easy for Attackers to Exploit
Kelly Sheridan, Staff Editor, Dark Reading,  12/5/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-8651
PUBLISHED: 2018-12-12
A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV.
CVE-2018-8652
PUBLISHED: 2018-12-12
A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1.
CVE-2018-8617
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8...
CVE-2018-8618
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8...
CVE-2018-8619
PUBLISHED: 2018-12-12
A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Exp...