Irrational exuberance at AI Infra Summit
Listening to the presentations and pitches of the companies participating in the very well-attended AI Infra Summit that ended inmore
Read more...
Author: Lou Covey
Scam bucket: 3-part scam sweeping nation
A multiphase scam is growing in the US, draining retirement accounts of US citizens, according to the FBI’s Internet Crime………more...
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here
Deepfakes in legal fraud unaddressed
Stopping fraud is a major focus of cybersecurity is criminal fraud. Largely, the industry is winning that war. Nowhere is that protection more successful than in combatting deepfake crime, even though industry marketing is geared to promote fear over success. Where deepfakes are causing the real problem is in legal fraud.
Digital fraud represents 0.02 percent of all fraud claims according the National Crime Insurance Bureau (NCIB). While there is evidence that criminal use of AI is increasing the number of attacks, the number of successful attacks is too low to warrant recording.
Deepfake crime a trifle
The FBI’s Internet Crime Complaint Center (IC3) lumps all forms of online fraud into a single category. Even so, the IC3 fielded 859,532 complaints of suspected internet crime in 2024. Of those complaints, 256,256 incidents resulted in actual monetary losses, representing an average loss of $19,372 per complaint. Overall, the reported losses exceeded $16.6 billion, a 33% increase from 2023. However, the top three cybercrimes in 2024 reported to IC3 were phishing/spoofing, extortion, and personal data breaches. None of those required the use of deepfake technology, and rarely did.
Extrapolating the data from NCIB with IC3’s indicates successful deepfake fraud cases were less than 50 in total in 2024 with 94% of those occurring during a spike of activity between November and December 2024.
Read more...
AI chaos creates MCP hole
The AI industry is an absolute mess. The technologies necessary for its operation are siloed and opaque to customers without the technical skills to understand them. The chaos of model context protocol (MCP) adoption is a case in point.
Anthropic’s created MCP and released last November). The companies chatbot, Claude, said the protocol “bridges the gap between AI models and the external world.” More simply, it is an AI application integrator. MCP servers are supposed to do this securely without giving access to sensitive areas of a user's computer or network. Multiple reports from security researchers say it fails miserably in that effort. That makes current agentic AI technology development dangerous. Undaunted, corporate momentum and boardroom ignorance is driving it forward.
Read more...
Scam Bucket: Spoofed emails
We often receive reports from readers asking whether they have “been hacked” when a friend, relative, or coworker tells them………more...
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here
Don’t click ‘ClickFix’ boxes
You’re working on your laptop, searching websites for information, and suddenly a box pops up that indicates a vague problemmore
Read more...
Cybersecurity companies underinsured?
Data breaches are a major concern to businesses and governments around the world. So one would think that carrying cyber insurance would be a given. It is not, especially for one particular classification of industry: Cybersecurity.
According to Munich Re, a risk analysis firm, 87% of companies lack coverage. Ransomware payouts doubled to $1.1B in 2023, according to Chainalysis. That’s probably why the cyber insurance industry is booming. The market hit $14B in 2023 and is set to double to $29B by 2027.
Large firms are more likely to carry insurance than small to medium companies (SMCs), even though they are more likely to be targeted by cybercriminals. However, small companies are more likely to carry much larger limits than larger companies.
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here
Preview: Special Issue on NHI
For good or bad, we are in the age of autonomous artificial intelligence systems. They can be categorized as bots, AI, agents, daemons, work flows, digital workers and a dozen others. Some may argue all of that are completely separate things but for the purpose of this article, we will call them all non-human identities (NHI). Their purpose is to eliminate the need for humans to do that same work. The problem is, humans are almost outnumbered by the total of good and bad.
This interview with Mike Towers, chief security and trust officer at Veza previews our coverage of the rise of and issues related to NHI. To read the entire issue, get a subscription today.
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here
Q-Day isn’t as dangerous as our government
The post quantum computing (PQC) industry wants us to believe that Q-day, the day that a quantum computer is right around the corner. It isn’t. But that doesn’t mean what the niche members are working on is worthless. Perhaps the most important task they have is limiting government surveillance of the innocent.
If you don’t already know, Q Day is the day when a quantum computer exists powerful enough to break current military-grade encryption standards. This has been a major disaster predicted by many, not the least being Wired Magazine. Most in the industry claim it will happen in the next decade, if it hasn’t already happened.
Read more...
Scam Bucket: Think before you click unsubscribe
You’ve done this many times. Checking your email you find a ton of spam, especially from this one organization or person. You are finally tired of it. You search the email for the “unsubscribe” link, buried somewhere on the bottom, and are about to click it.
STOP!
Free Membership Required
You must be a Free member to access this content.
Already a member? Log in here