A Review of the Best News of the Week on Cybersecurity Management & Strategy
CrowdStrike Global Threat Report 2020 Reveals Top Adversary Trends (crowdstrike, Mar 03 2020)
The trend toward malware-free tactics accelerated, with malware-free attacks surpassing the volume of malware attacks. In 2019, 51% of attacks used malware-free techniques, compared to 40% in 2018, underscoring the need to advance beyond traditional antivirus (AV) solutions.
French Firms Rocked by Kasbah Hacker? (Krebs on Security, Mar 02 2020)
“A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. An individual thought to be involved has earned accolades from the likes of Apple, Dell, and Microsoft for helping to find and fix security vulnerabilities in their products.”
Ransomware Attacks Prompt Tough Question for Local Officials: To Pay or Not to Pay? (The Pew Charitable Trusts, Mar 05 2020)
There were at least 113 successful ransomware attacks on state and local governments last year.
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~13,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
The RNC Stopped Paying a Data Firm After A Serious Breach. Then It Paid A Mysterious LLC With the Same Address (ProPublica, Mar 02 2020)
Three years after the Republican National Committee publicly sidelined the sullied firm, it paid an LLC with the same address $900,000 for “data services.” The RNC said it wouldn’t “waste any more breath explaining these innocuous issues.”
You are focusing too much on vulnerabilities that pose little danger (Help Net Security, Mar 02 2020)
An analysis of the top 20 most popular container images on DockerHub found that 50% of vulnerabilities were never loaded into memory and therefore did not pose a threat, regardless of Common Vulnerability Scoring System (CVSS) scores and despite vast resources in budget and manpower spent on patching or mitigation.
Coder Charged in Massive CIA Leak Portrayed as Vindictive (SecurityWeek, Mar 03 2020)
A software engineer on trial in the largest leak of classified information in CIA history was “prepared to do anything” to betray the agency, federal prosecutors said Monday as a defense attorney argued the man had been scapegoated for a breach that exposed secret cyberweapons and spying techniques.
How to gather cyber threat intelligence from dark markets without breaking US law (Help Net Security, Mar 03 2020)
The U.S. Department of Justice’s Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, at the same time, want to stay on the right side of the (U.S. federal criminal) law.
RSA Conference 2020: 36,000 attendees, 704 speakers and 658 exhibitors (Help Net Security, Mar 01 2020)
RSA Conference concluded its 29th annual event in San Francisco last Friday. More than 36,000 attendees, 704 speakers and 658 exhibitors gathered at the Moscone Center last week to explore the Human Element in cybersecurity through hundreds of keynote presentations, track sessions, tutorials, seminars and special events.
FBI Indicts Alleged Ticketfly Hacker (Infosecurity Magazine, Feb 28 2020)
FBI indicts alleged Ticketfly hacker accused of compromising 127 million user accounts
Michigan Healthcare Group Hack Went Undetected for Six Months (Infosecurity Magazine, Feb 28 2020)
Michigan healthcare group takes six months to detect breach that exposed patient data
Railroad Construction Firm RailWorks Falls Victim to Ransomware (SecurityWeek, Mar 02 2020)
Rail contractor RailWorks Corporation is notifying employees and third-parties that it recently fell victim to a ransomware attack in which sensitive information might have been compromised.
How Security Leads at Starbucks and Microsoft Prepare for Breaches (Dark Reading, Mar 02 2020)
Executives discuss the security incidents they’re most worried about and the steps they take to prepare for them.
Data-stealing ransomware hits parts maker for Tesla, Boeing and Lockheed Martin (SC Media, Mar 02 2020)
Visser Precision, a parts maker and manufacturing solutions provider for the aerospace, automotive, industrial and manufacturing industries, has reportedly suffered a combination ransomware attack and data breach that has compromised files pertaining to multiple business partners, including Tesla, SpaceX, Boeing and Lockheed Martin.
Do you have a data breach response plan? (Help Net Security, Mar 03 2020)
Sixty-eight percent of respondents say their organization has put more resources toward security technologies to detect and respond quickly to a data breach. 57% of those surveyed also reported that they believe their data breach response plans are “very” or “highly” effective, up from 49 percent in 2018.
Google Launches Free Fuzzer Benchmarking Service (SecurityWeek, Mar 03 2020)
Google this week announced the launch of FuzzBench, a free and open source service for evaluating fuzzers.
Cathay Pacific slammed for security failures following hack which exposed 9.4 million people worldwide (Graham Cluley, Mar 04 2020)
The UK’s Information Commissioner’s Office (ICO) has fined Cathay Pacific for “a number of basic security inadequacies” which resulted in hackers stealing the data of 9.4 million people worldwide – including 111,578 from the UK.
Email domains without DMARC enforcement spoofed nearly 4X as often (Help Net Security, Mar 05 2020)
As of January 2020, nearly 1 million (933,973) domains have published DMARC records — an increase of 70% compared to last year, and more than 180% growth in the last two years. In addition, 80% of all inboxes worldwide do DMARC checks and enforce domain owners’ policies — if domain owners have configured DMARC, a new Valimail report reveals.
Zynga Facing Lawsuit Over Data Breach (Infosecurity Magazine, Mar 04 2020)
Gamers file a class-action lawsuit against Zynga following a data breach affecting 173m users
Carnival Cruise Lines Hacked (Infosecurity Magazine, Mar 04 2020)
Carnival announces cyber-attack on Holland America Line and Princess Cruises
D.C. Council Passes Data Security Legislation (SecurityWeek, Mar 04 2020)
The Council of the District of Columbia on Tuesday unanimously passed a bill whose goal is to expand data breach notification requirements and improve the way organizations protect personal information.