A Review of the Best News of the Week on Cybersecurity Management & Strategy
Western intelligence hacked ‘Russia’s Google’ Yandex to spy on accounts (Reuters, Jun 28 2019)
Hackers working for Western intelligence agencies broke into Russian internet search company Yandex in late 2018, deploying a rare type of malware in an attempt to spy on user accounts, four people with knowledge of the matter told Reuters.
U.S. Struck Iranian Military Computers This Week (SecurityWeek, Jun 23 2019)
U.S. military cyber forces launched a strike against Iranian military computer systems on Thursday as President Donald Trump backed away from plans for a more conventional military strike in response to Iran’s downing of a U.S. surveillance drone, U.S. officials said Saturday.
GOP senators nix vote on Election Security Act, similar bills wend their way through Congress (SC Magazine, Jun 26 2019)
Republicans in the Senate rebuffed an attempt by presidential candidate Sen. Amy Klobuchar, D-Minn., ranking member of the Senate Rules Committee, to bring the Election Security Act to a vote Tuesday.
One of My Favorite Things
Since I started this curated newsletter in June 2017, I’ve clipped ~10,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
Here’s how Iran disrupted U.S. businesses the last time it launched major cyberattacks (The Washington Post, Jun 25 2019)
Iran has been one of the United States’ most consistent digital foes during the past decade. It’s also among the most nettlesome, with hackers targeting a broad swath of victims ranging from banks and hospitals to universities and government agencies.
How to Expand the ‘Have I Been Pwned’ Brand (VICE, Jun 25 2019)
A tongue-in-cheek proposal to make Have I Been Pwned’s brand even more valuable.
Google delivers new G Suite security tools (Help Net Security, Jun 26 2019)
The security sandbox and advanced phishing and malware protection options are for G Suite administrators to switch on via the Admin console.
Breach at Cloud Solution Provider PCM Inc. (Krebs on Security, Jun 27 2019)
“A digital intrusion at PCM Inc., a major U.S.-based cloud solution provider, allowed hackers to access email and file sharing systems for some of the company’s clients, KrebsOnSecurity has learned.”
Former Equifax Executive Gets 4 Months for Insider Trading (SecurityWeek, Jun 28 2019)
A former Equifax executive who sold stock a week and a half before the company announced a massive data breach was sentenced Thursday to serve four months in federal prison for insider trading.
Ex-Senate Aide Sentenced to 4 Years in Prison for Data Leak (SecurityWeek, Jun 24 2019)
A former congressional staffer was sentenced to four years in prison Wednesday after pleading guilty to illegally posting online the home addresses and telephone numbers of five Republican senators who backed Brett Kavanaugh’s Supreme Court nomination.
Introducing the AWS Security Incident Response Whitepaper (AWS Security Blog, Jun 24 2019)
AWS recently released the AWS Security Incident Response whitepaper, to help you understand the fundamentals of responding to security incidents within your cloud environment. The whitepaper reviews how to prepare your organization for detecting and responding to security incidents, explores the controls and capabilities at your disposal, provides topical examples, and outlines remediation methods that leverage automation to improve response speed.
US Adds AMD Joint Venture to Entity List (Infosecurity Magazine, Jun 24 2019)
Five more Chinese organizations are blacklisted
FERC expands cybersecurity reporting standards to include non-disruptive incidents (Utility Dive, Jun 21 2019)
The Federal Energy Regulatory Commission (FERC) approved on Thursday an order to expand reporting requirements for attempts to compromise the national grid, a move it expects will improve the security of the bulk electric system.
Health Insurer Reports Data Breach That Began 9 Years Ago (Dark Reading, Jun 24 2019)
Dominion National first spotted something awry in April 2019.
Russian cyber spies likely hijacked Iranian APT group’s infrastructure to deliver backdoor (SC Magazine, Jun 25 2019)
In early 2018, the Russian APT group Turla likely hijacked the command-and-control infrastructure of Iranian cyberespionage group OilRig, in order to deliver a custom backdoor to its intended victim, according to researchers.
Hackers breach NASA, steal Mars mission data (WeLiveSecurity, Jun 24 2019)
The infiltration was only spotted and stopped after the hackers roamed the network undetected for almost a year
Social engineering forum hacked, user data dumped on rival site (Naked Security – Sophos, Jun 26 2019)
Social Engineered, dedicated to the “Art of Human Hacking,” was gutted, with 55,121 users’ details leaked on the same day as the hack.
Breaking the Endless Cycle of “Perfect” Cybercrimes (Dark Reading, Jun 26 2019)
A two-step strategy for creating an attack environment that is more complex, less profitable, and more likely to expose the attacker.
Second Florida City Hit by Ransomware Opts to Pay (Infosecurity Magazine, Jun 26 2019)
The mayor of Lake City, Florida, says the city will pay the $460,000 ransom.
Hackers Steal Millions from Cryptocurrency Exchange Bitrue (SecurityWeek, Jun 27 2019)
Singapore-based cryptocurrency exchange Bitrue revealed on Thursday that hackers managed to access and move the funds of tens of its customers.
Alphabet’s cybersecurity arm will be absorbed into Google (Business Insider, Jun 27 2019)
Alphabet’s cybersecurity business, Chronicle, is being absorbed into Google and will join forces with the company’s Cloud division. But the move also signals the ongoing vagaries of the Alphabet corporate structure, with the Chronicle move marking the second time that Google has brought an Alphabet company under its wings. And it comes amid a potential antitrust suit for the tech giant.