A Review of the Best News of the Week on Cybersecurity Management & Strategy

Celeb hackers demanding $42M ransom promise to ‘reveal Trump’s dirty laundry’ (The US Sun, May 15 2020)
Hacker group REvil doubled their original demand for $21million after stealing confidential files on the firm’s A-list clients including Madonna and Mariah Carey.

Black Hat USA and DEF CON Cancelled Due to #COVID19 (Infosecurity Magazine, May 11 2020)
Popular cybersecurity conferences will go virtual this year

The US Says Chinese Hackers Went Too Far During the Covid-19 Crisis (Wired, May 14 2020)
The FBI and DHS say that Beijing’s hacking “jeopardizes” the delivery of much-needed Covid-19 treatment options.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

Cognizant: Ransomware Costs Could Reach $70m (Infosecurity Magazine, May 11 2020)
IT giant admits major financial hit from Maze raid

Pitney Bowes Hit by Ransomware for Second Time (Infosecurity Magazine, May 12 2020)
Mailing tech firm targeted by Maze group

Shipping Giant Toll Confirms Hackers Stole Data in Recent Attack (SecurityWeek, May 12 2020)
After initially claiming that it had found no evidence of data being stolen as a result of the recently disclosed ransomware attack, Australian shipping giant Toll admitted on Tuesday that the attackers did manage to steal some data.

Ransomware Forces Shutdown of Texas Judiciary Network (SecurityWeek, May 12 2020)
Texas revealed on Monday that a ransomware attack has forced the shutdown of its judicial branch network, including websites and servers.

The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet (Wired, May 12 2020)
At 22, he single-handedly put a stop to the worst cyberattack the world had ever seen. Then he was arrested by the FBI. This is his untold story. 

Leveraging automation to maximize security budgets (Help Net Security, May 11 2020)
With the economic impact of COVID-19 increasingly looking like an imminent recession and the way we do work altered perhaps forever, CIOs and CISOs will most likely be managing reduced budgets and a vastly different threat landscape.

Ransomware Hit ATM Giant Diebold Nixdorf (Krebs on Security, May 11 2020)
Diebold Nixdorf, a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. The company says the hackers never touched its ATMs or customer networks, and that the intrusion only affected its corporate network.

US Health Giant Hooked with Ransomware Bait (Infosecurity Magazine, May 13 2020)
Magellan Health attacked with ransomware after falling for phishing email

Sophos: Paying Ransom Can Double Attack Recovery Costs (Infosecurity Magazine, May 13 2020)
Security vendor warns future ransomware victims

79% of Companies Report Identity-Related Breach in Past Two Years (Dark Reading, May 14 2020)
Two-thirds of organizations surveyed say phishing is the most common cause of identity-related breaches, the IDSA reports.

Businesses vulnerable to emerging risks have a gap in their insurance coverage (Help Net Security, May 14 2020)
The majority of business decision makers are insured against traditional cyber risks, such as breaches of personal information, but most were vulnerable to emerging risks, such as malware and ransomware, revealing a potential insurance coverage gap, according to the Hanover Insurance Group.

Why You May Not Need to Monitor the Dark Web (SecurityWeek, May 15 2020)
This is the reason why dark web monitoring is only relevant to certain industries. The dark web communities that are relevant to cyber security, mainly those of cybercriminals, are geared towards making its members money (while APT groups use tools that can be found in the dark web, they have very loose affiliation with these circles).