This infographic provides a summarized list of the points made in McAfee’s 2019 threat predictions blog post.

In this edition, we highlight the notable investigative research and trends in threats statistics gathered by the McAfee Advanced Threat Research and McAfee Labs teams in Q2 of 2018. Cybercriminals continue to follow the money. Although this statement is familiar, our latest Threats Report clearly shows the migration from certain older attacks to new threat vectors as they become more profitable. Just as in Q1, we see the popularity of cryptocurrency mining continue to rise. In this report we detail recent findings from three McAfee Labs analyses that appeared in Q2. You can read summaries of each on pages 5-7. One area of investigation by our research teams is in digital assistants. In Q2 we analyzed a vulnerability in Microsoft’s Cortana. This flaw allowed an attacker to log into a locked Windows device and execute code. Following our vulnerability disclosure policy, we communicated our findings to Microsoft; the analysis resulted in CVE-2018-8140. We also examined the world of cryptocurrency attacks with an in-depth view of blockchain technology. Our report detailed many of the vulnerabilities being exploited by threat actors looking for a quick return on their investment.

With hundreds of thousands of implementations across the globe, Enterprise Resource Planning (ERP) applications are supporting the most critical business processes for the biggest organizations in the world. This report is the result of joint research performed by Digital Shadows and Onapsis, aimed to provide insights into how the threat landscape has been evolving over time for ERP applications. We have concentrated our efforts on the two most widely-adopted solutions across the large enterprise segment, SAP and Oracle E-Business Suite, focusing on the risks and threats organizations should care about.

Fidelis Threat Research analysts have discovered a new version of ThreadKit, malware notorious for it’s use by the cybercrime organization known as Cobalt Group. This report will provide analysis of a recent campaign, seen October 30th , utilizing the Cobalt Group malware frameworks. Cobalt Group was believed to have suffered a hit earlier this year[1] with the reported arrest of one of its members. After the arrest, the campaigns appear to have slowed significantly however despite this, there has been continued development concerning the groups malware framework.

When law enforcement announced the seizure of AlphaBay in July 2017, the United States Attorney General Jeff Sessions described the operation as: “one of the most important criminal investigations of the year…because of this operation, the American people are safer – safer from the threat of identity fraud and malware, and safer from deadly drugs.” 1 The timing and coordination of the law enforcement operation, known as Operation Bayonet, was a clear success and has contributed to multiple subsequent arrests.2 Almost one year later, the marketplace model appears to be in decline, but the risks to businesses and consumers have not subsided. Instead, this paper demonstrates that cybercriminals have taken to incorporating new processes, technologies, and communication methods to continue their activities.

From the report, “Unless companies come to realize that their security perimeters must grow beyond the corporate firewall to encompass social media networks and other areas such as the Dark Web, then the global cost of cyber crime will continue to mushroom.

This e-book provides good insight into understanding cyber crime.

Working with some of the world’s leading online brands, CyberInt takes a look at the fraud threats that retailers receive in the cyber world.

In light of the new development of Crypto Currency, this paper can begin to address important questions about the outlook for digital currencies, including: If individuals lose trust in alternative coins and no longer see them as profitable, then what does this mean for the future of cryptocurrencies? How will the cryptocurrency landscape change in 2018? And will cryptocurrency fraud ultimately obstruct the rapid growth of digital currencies worldwide?

To lure unsuspecting consumers to fake websites to purchase counterfeit goods, cybercriminals abuse the Domain Name System (DNS) – every day, every hour, every minute. In this report, “Luxury Brands, Cheap Domains: Why Retailers Are Losing The Fight Against Online Counterfeiting,” cybersecurity firms Farsight Security and DomainTools, the leaders in DNS intelligence, took a close look at four international luxury brand domains and learned that the potential abuse of their brand, by counterfeiting and other malicious activities, is significant.

Guided by Threat Compass, the Blueliv’s Annual Cyberthreat Landscape Report takes a birds-eye view of the major events and trends of last year. The Threat Intelligence analysts at Blueliv then offer their insight into an ever-more sophisticated cybercrime industry for 2018.

This report offers a view of The Republic of South Africa. And takes a look at the Threat Landscape of that nation.

Russia will host the 2018 FIFA World Cup from 14 June to 15 July 2018 at 12 different venues throughout 11 host cities, and thousands of foreign visitors are expected to travel to the games. With major sporting events increasingly targeted by physical and cyber threats, we believe that FIFA and their affiliates, spectators, athletes, officials, or other attendees are likely to be confronted by a range of security risks such as protests/demonstrations, hooliganism, financial fraud, and to a lesser extent hacktivism, terrorism, and cyber espionage.

Digital businesses must manage, govern, and secure customers’ access to systems without hurting the customer experience. As firms increase the digital channels for customer interaction, they also increase the number of potentially confusing consumer authentication experiences. As a result, they’re hemorrhaging customers and suffering increased support costs related to password and authentication. This report outlines 10 barriers to authentication success — and how S&R pros can improve online security without sacrificing experience.

Cybercriminals will use any and all devices available to them in order to lie, cheat and steal from you. Until they’re blocked. Then they switch to different devices, counting on your fraud prevention efforts to forget about their old devices. When that happens, they start using their old devices again. They would love for you to believe that device history isn’t important. That’s why your fraud prevention tools shouldn’t forget older devices either. It’s essential to know when a device, especially one that’s new to your business, has a history of fraud. Even if that fraud happened years ago.

The ancient Chinese general Sun Tzu said “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” While it’s unrealistic to think we can win every battle against cyber criminals, Sun Tzu’s words have a lot to offer. The problem that every privacy and security team faces is how to defend on every possible front with finite resources and budget. And the simple answer is, you don’t have to.

This e-book offers insight into online fraud and cyber-crime.

In this midyear report, TrendMicro tracks the tendency of security risks to emerge from aspects of computing that are often overlooked and show how costly they can be especially for enterprises.

We live in a new era of network attacks. Increasing frequency and varieties, together with the latest regulations which have global impact, makes 2018 the most important year in recent times for public and private sector organizations.

Since 2015, LexisNexis Risk Solutions has administered an annual study to determine the extent to which fraud cases span multiple industries. The national online survey included 800 fraud mitigation professionals from five industry segments and government with oversight or direct involvement in fraud programs at their organizations. It has a margin of error of +/- three points (at the 95% confidence level), and LexisNexis was not identified as the research sponsor.

Between April and July 2018, Fidelis conducted a study of 582 security professionals to evaluate the adoption of threat hunting practices and overall security posture strengths and weaknesses.