A Review of the Best News of the Week on Cybersecurity Management & Strategy

Ransomware Now Leaking Stolen Documents (Schneier on Security, Apr 14 2020)
“Originally, ransomware didn’t involve any data theft. Malware would encrypt the data on your computer, and demand a ransom for the encryption key. Now ransomware is increasingly involving both encryption and exfiltration. Brian Krebs wrote about this in December. It’s a further incentive for the victims to pay.”

GAO Criticizes Pentagon Over Cyber Hygiene Efforts (SecurityWeek, Apr 15 2020)
A report published this week by the U.S. Government Accountability Office (GAO) shows that the Pentagon’s cyber hygiene initiatives have not been completed and in some cases no one is keeping track of their progress.

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic? (Krebs on Security, Apr 15 2020)
“The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it’s helping hospitals avoid becoming the next ransomware victim or kneecapping new COVID-19-themed scam websites, these nascent partnerships may well end up saving lives. But can this unprecedented level of collaboration survive the pandemic?”

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~13,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

Microsoft offers free threat notification service to healthcare, human rights organizations (Help Net Security, Apr 15 2020)
After recently directly notifying a number of hospitals about vulnerable gateway and VPN appliances in their infrastructure, Microsoft has decided to offer its AccountGuard threat notification service for free for healthcare and worldwide human rights and humanitarian organizations.

Zoom in crisis: How to respond and manage product security incidents (Help Net Security, Apr 15 2020)
Zoom is in crisis mode, facing grave and very public concerns regarding the trust in management’s commitment for secure products, the respect for user privacy, the honesty of its marketing, and the design decisions that preserve a positive user experience.

Three Tips to Help CISOs Close the IT-OT Security Gap (SecurityWeek, Apr 14 2020)
When you try to apply the same IT playbook to OT environments you introduce unnecessary complexity.

New York State Confirms Breach of Government Network (Dark Reading, Apr 15 2020)
The January incident led state officials to hire an external forensics firm and change thousands of employee passwords.

Energy Giant EDP Hit With €10 Million Ransomware Threat (Infosecurity Magazine, Apr 16 2020)
Attackers say they will release 10TB of data if ransom isn’t paid

Pentagon Paid Out $290,000 for Vulnerabilities in Air Force Data Center (SecurityWeek, Apr 16 2020)
The Pentagon’s latest bug bounty challenge, Hack the Air Force 4.0, has resulted in the discovery of over 400 vulnerabilities and rewards totaling more than $290,000.

US offers up to $5m reward for information on North Korean hackers (Naked Security – Sophos, Apr 17 2020)
UN experts believe the DPRK cyber-steals and launders money, extorts companies and funnels the cash into its nuclear program.

Sipping from the Coronavirus Domain Firehose (Krebs on Security, Apr 16 2020)
“Security experts are poring over thousands of new Coronavirus-themed domain names registered each day, but this often manual effort struggles to keep pace with the flood of domains invoking the virus to promote malware and phishing sites, as well as non-existent healthcare products and charities. As a result, domain name registrars are under increasing pressure to do more to combat scams and misinformation during the COVID-19 pandemic.”

Cybercrime May Be the World’s Third-Largest Economy by 2021 (Dark Reading, Apr 13 2020)
The underground economy is undergoing an industrialization wave and booming like never before.

Meet AttackerKB, Rapid7’s Crowdsourced Vulnerability Knowledge Base (SecurityWeek, Apr 15 2020)
Metasploit Team Unveils Community Powered Knowledge Base of Vulnerabilities and Insights

Signal: We’ll be eaten alive by EARN IT Act’s anti-encryption wolves (Naked Security – Sophos, Apr 15 2020)
Signal claims that legal and liability concerns would make it impossible to operate in the US. That doesn’t mean it would shut up shop entirely, but it could mean that the non-profit would need to move operations now based in the US.

Only 40% of Small Business Owners Have a Cybersecurity Policy (Dark Reading, Apr 10 2020)
Small business owners are concerned about cyberattacks targeting remote workers but lack the resources to invest in security.

How to Steer Your Security Organization in a Toxic Environment (SecurityWeek, Apr 15 2020)
Five Ways to Steer Your Security Organization in a Toxic Environment

Shipping Giant MSC Confirms Outage Caused by Malware Attack (SecurityWeek, Apr 16 2020)
Swiss-based global shipping giant Mediterranean Shipping Company (MSC) has confirmed that a recent outage was caused by a malware attack that affected its headquarters in Geneva.

Pastebin Made It Harder To Scrape Its Site And Researchers Are Pissed Off (VICE, Apr 16 2020)
Pastebin quietly changed its terms and services t hat allowed researchers to study leaked data, malware, and stolen passwords.

Zoom Brings Renowned Crypto and Bug Bounty Experts on Board (Infosecurity Magazine, Apr 17 2020)
Video conferencing firm continues push to improve security

Equifax pays Indiana $19.5m to settle data breach case (Infosecurity Magazine, Apr 16 2020)
Credit reporting company pays hefty settlement to the State of Indiana over data breach