Security News












        Scammer Successfully Deepfaked CEO's Voice To Fool Underling Into Transferring $243,000. The CEO of an
        energy firm based in the UK thought he was following his boss’s urgent orders in March when he transferred
        funds to a third-party. The request came from the AI-assisted voice of a fraudster. The Wall Street Journal
        reports that the mark believed he was speaking to the CEO of his businesses’ parent company based in
        Germany. The German-accented caller told him to send €220,000 ($243,000 USD) to a Hungarian supplier
        within the hour. Euler Hermes fraud expert Rüdiger Kirsch told WSJ that the victim recognized his superior’s
        voice because it had a hint of a German accent and the same “melody.” AI-generated voice technology has
        become disturbingly realistic in recent months and Kirsch told the Journal that it he believes commercially-
        available software was used to facilitate the fraudulent executive impersonation. In May, the AI company
        Dessa released a simulation of the podcaster Joe Rogan voice that was a near-perfect replica of his t’s gravelly
        timbre. It was so similar to the real thing that a longtime listener would have difficulty distinguishing between
        Joe Rogan and “Joe Fauxgan.”

                Source: https://gizmodo.com/scammer-successfully-deepfaked-ceos-voice-to-fool-under-1837835066



        Cybersecurity alert: 34% of vulnerabilities found this year remain unpatched. A mid-year report on
        vulnerabilities found so far in 2019 from Risk Based Security should make security professionals take notice:
        There are some serious risks out there. In the first half of 2019, there have been about 4,000 fewer entries in
        the common vulnerabilities and exploits (CVE) database, but that's no reason to start resting easy: 34% of the
        11,092 reported vulnerabilities remain unpatched. There are a variety of types of vulnerabilities included in
        the report, but the most popular (accounting for 53% of reports in 2019) are remote ones. Input manipulation
        accounted for 66% of reported vulnerability cases so far in 2019, which continues a trend that Risk Based
        Security said has been the case for years. SQL injection attacks, one of the oldest and most common forms of
        input manipulation, have been an issue since the dawn of the internet, and their popularity shows that they'll
        probably continue to be such. Along with remote vulnerabilities, context-dependent, local, and mobile exploits
        make the list, but in small percentages compared to remote ones. In short, the most likely way your systems
        are going to be hit is with a remote attack attempting to exploit input manipulation vulnerabilities.

                Source: https://www.techrepublic.com/article/cybersecurity-alert-34-of-vulnerabilities-found-this-
                year-remain-unpatched/



        94% enterprises will use IoT by end 2021: Microsoft report - According to the report, nearly nine in 10 (85%)
        surveyed say they have at least one IoT project in either the learning, proof of concept, purchase, or use
        phase, with many reporting they have one or more projects currently in ‘use’. Adoption is expected to increase
        with 94% of businesses saying they will be using IoT by the end of 2021, while 88% of adopters say IoT is
        critical to the success of their respective companies.

                Source: https://www.livemint.com/technology/tech-news/94-enterprises-will-use-iot-by-end-2021-
                microsoft-report-1565165449842.html







                                                    www.accumepartners.com
                                                                                                                     5