A Review of the Best News of the Week on Cybersecurity Management & Strategy

Court doc: Equifax allegedly used insecure password ‘admin’ to protect portal (SC Magazine, Oct 21 2019)
Failing to patch a critical vulnerability in its Apache Struts software was not the only major security oversight committed by Equifax in the lead-up to its highly damaging 2017 data breach, according to a document filed in a securities-fraud class action brought earlier this year.

AWS Left Reeling After Eight-Hour DDoS (Infosecurity Magazine, Oct 24 2019)
US East Coast region particularly badly affected

Girl Scouts of USA Launch First National Cybersecurity Challenge (Infosecurity Magazine, Oct 18 2019)
Over 3,000 girls will take on America’s first Girl Scouts National Cyber Challenge


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~11,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras



Former Twitter CISO shares his advice for IT security hiring and cybersecurity (ZDNet, Oct 20 2019)
So instead, from a security perspective, what I found effective at both Twitter and Mozilla was moving towards this model of empowerment. And it’s very much along the idea of like security champions that I think a lot of people have had success with, but what we want to do is empower the teams to make good decisions within a reasonable bound of risks, and give them the tools so they can do that safely. It’s kind of the paved path approach.

How the under 30s expect new approaches to cybersecurity (Help Net Security, Oct 22 2019)
Under-30s, who were born into the digital age, are on the other hand more laid back about cybersecurity responsibilities. They adopt different working practices and expect to be productive, flexible and agile at work using their own tools and devices.

Ad Targeting Gamers Successfully Cuts Cybercrime (Infosecurity Magazine, Oct 21 2019)
From late December 2017 to June 2018, the NCA targeted young gamers in the UK with Google adverts explaining that DoS attacks are illegal. The adverts would appear when a user searched for booter services.

Historical Breadcrumbs Link Magecart 5 to Carbanak Group (SecurityWeek, Oct 22 2019)
Magecart is the umbrella term for a range of criminal groups that use software to perform digital credit card skimming. It isn’t clear how many different Magecart groups are currently operating. There are some suggestions that there are dozens, but with counter-suggestions that some of these may be individual operators rather than groups.

A Brief History of Russian Hackers’ Evolving False Flags (Wired, Oct 21 2019)
Most hackers know how to cover their tracks. But Russia’s elite groups are working at a whole other level.

IBM tears into Google’s ‘quantum supremacy’ claim (Naked Security – Sophos, Oct 24 2019)
Is ‘quantum supremacy’ the moment that the rarefied world of quantum computing finally enters popular consciousness? Probably not.

40% of Security Pros Job Hunting as Satisfaction Drops (Dark Reading, Oct 24 2019)
Symptoms of job dissatisfaction creep into an industry already plagued with gaps in diversity and work-life balance.

Italians Rocked by Ransomware (Infosecurity Magazine, Oct 18 2019)
Italy is experiencing a rash of ransomware attacks that play dark German rock music while encrypting victims’ files. Targeted inboxes have received emails with malicious content posing as resumes, invoices, or document scans. The emails include a Visual Basic script (.vbs) file that downloads and blasts out Rammstein hits while encrypting files on the victim’s computer.

Czech Police, Intelligence Bust Russian Spy Network (SecurityWeek, Oct 21 2019)
Czech police and intelligence services said on Monday they had busted a Russian espionage network operating through its Prague embassy.

Why Technologists Need to Get Involved in Public Policy (Schneier on Security, Oct 18 2019)
Last month, I gave a 15-minute talk in London titled: “Why technologists need to get involved in public policy.” In it, I try to make the case for public-interest technologists. (I also maintain a public-interest tech resources page, which has pretty much everything I can find in this space. If I’m missing something, please let me know.)

German Automation Giant Still Down After Ransomware Attack (Infosecurity Magazine, Oct 22 2019)
Major producer of industrial automation tools, Pilz, reveals disruption

A Roundtable of Hackers Dissects ‘Mr. Robot’ Season 4 Episode 3: ‘Forbidden’ (VICE, Oct 21 2019)
Technologists, hackers, and journalists recap the third episode of the final season of the realistic hacking show.

10% of Small Businesses Breached Shut Down in 2019 (Dark Reading, Oct 23 2019)
As a result of cybercrime, 69% of small organizations were forced offline for a limited time and 37% experienced financial loss.

Analysts explore the top strategic technology trends for 2020 (Help Net Security, Oct 23 2019)
Gartner defines a strategic technology trend as one with substantial disruptive potential that is beginning to break out of an emerging state into broader impact and use, or which is rapidly growing with a high degree of volatility, reaching tipping points over the next five years.

Tips for Leveraging Security Metrics (SecurityWeek, Oct 23 2019)
My previous column on security metrics seemed to generate quite a bit of interest. This tells me that metrics is a topic that, while challenging, is also important and at the top of the priority list for security organizations.

Inside the U.S. Cyber Army (VICE, Oct 24 2019)
In 2019, the American war machine doesn’t simply need soldiers, helicopters, or F-22s. It also needs hackers.

Ransomware Hits B2B Payments Firm Billtrust (Krebs on Security, Oct 22 2019)
Business-to-business payments provider Billtrust is still recovering from a ransomware attack that began last week. The company said it is in the final stages of bringing all of its systems back online from backups.