A Review of the Best News of the Week on Cybersecurity Management & Strategy

‘BlueLeaks’ Exposes Files from Hundreds of Police Departments (Krebs on Security, Jun 22 2020)
“Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “BlueLeaks” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals.”

Spyware by Israel’s NSO Used Against Journalist: Amnesty (SecurityWeek, Jun 22 2020)
Amnesty International said Monday that software developed by Israeli security firm NSO Group was used to attack a Moroccan journalist, the latest in a series of allegations against the company.

Data Security in the SaaS Age: Thinking Small (Securosis Blog, Jun 22 2020)
The typical enterprise has hundreds, if not thousands, of SaaS services. So what’s the best approach to secure those applications? Any answer requires gratuitous use of many platitudes, including both “How do you eat an elephant? One bite at a time.” and that other old favorite, “You can’t boil the ocean.” Whichever pithy analogy you favor for providing data security for SaaS, you need to think small, by setting policies to protect one application or service at a time.

Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Long-Term Effects of COVID-19 on the Cybersecurity Industry (Dark Reading, Jun 22 2020)
The maelstrom of change we’re going through presents a unique opportunity to become enablers. And to do that requires flexibility.

Equifax CISO Farshchi: Transparency, focus on behavior transformed security, culture (SC Media, Jun 22 2020)
Equifax was the target of a heap of criticism – and a good bit of anger – after the breach. What was behind the calculation to speak openly about the incident rather than let it fade away as subsequent incidents grabbed the headlines?

Netflix DVD’s Sanders: Revamp strategies to stay ahead of attackers (SC Media, Jun 23 2020)
CISOs scrambling to stay ahead of the rapid changes coming in security and positioning themselves to proactively divine new threats just over the horizon should tune into Tuesday’s InfoSec World 2020 keynote address led by Jimmy Sanders, head of security at Netflix DVD.

Nation-State Espionage Campaigns against Middle East Defense Contractors (Schneier on Security, Jun 23 2020)
“Report on espionage attacks using LinkedIn as a vector for malware, with details and screenshots. They talk about “several hints suggesting a possible link” to the Lazarus group (aka North Korea), but that’s by no means definite.”

Zoom Hires Former Salesforce SVP as New CISO (Infosecurity Magazine, Jun 25 2020)
Prior to that role, Lee spent 15 years at Microsoft, where he rose from a position as senior manager to principal director of security engineering for the Windows Device Group.

Ransomware Operators Claim They Hacked LG (SecurityWeek, Jun 25 2020)
The cybercriminals behind the ransomware known as Maze claim to have breached the systems of LG Electronics and obtained highly sensitive information.

Lululemon’s Rex Sarabia works up a sweat building a security awareness program from scratch (SC Media, Jun 22 2020)
At InfoSec World 2020 on Monday, Rex Sarabia, security awareness program manager at Lululemon, will lead the session “Building an Enterprise Security Awareness Program from the Ground Up.” SC Media interviewed Sarabia about his session to learn more about Sarabia’s biggest challenges, his tips for security professionals starting up their own programs…

How to Wring Every Last Drop Out of Your Security Budget (Dark Reading, Jun 22 2020)
In the face of tighter budgets and lowered spending forecasts due to the pandemic, optimizing and improving the efficiency of security programs — without sacrificing integrity — has never been more important.

Oregon City Pays $48,000 Cyber-Ransom (Infosecurity Magazine, Jun 23 2020)
Keizer coughs up the cash to retrieve files encrypted by cyber-criminals

United States wants HTTPS for all government sites, all the time (Naked Security – Sophos, Jun 23 2020)
The US government just announced its plans for HTTPS on all dot-gov sites.

Another Record-Breaking DDoS Attack Signals Shift in Criminal Methods (Dark Reading, Jun 25 2020)
Malicious botnet sources explode in new attacks that push boundaries in terms of volume and duration.

Average Cost of a Data Breach: $116M (Dark Reading, Jun 24 2020)
Sensitivity of customer information and time-to-detection determine financial blowback of cybersecurity breaches.

Duration of application DDoS attacks increasing, some go on for days (Help Net Security, Jun 25 2020)
There were seven major application DDoS attacks over the previous month — two of which lasted 5-6 days, Imperva reveals. Additionally, the team found that 47% of account takeover (ATO) attacks were aimed at loyalty programs and streaming services, where bad actors attempted to use stolen credentials to gain unauthorized access to online accounts to carry out malicious actions such as data theft, identity fraud or fraudulent e-commerce transactions.

Study of global hackers and the economics of security research (Help Net Security, Jun 24 2020)
Human ingenuity supported by actionable intelligence were found to be critical ingredients to maintaining a resilient infrastructure, Bugcrowd reveals. In fact, 78% of hackers indicated AI-powered cybersecurity solutions alone aren’t enough to outmaneuver cyber attacks over the next decade. 87% of hackers say that scanners cannot find as many critical or unknown assets as humans.

How to establish a threat intelligence program (Help Net Security, Jun 24 2020)
Instituting an in-house cyber threat intelligence (CTI) program as part of the larger cybersecurity efforts can bring about many positive outcomes: The organization may naturally switch from a reactive cybersecurity posture to a predictive, proactive one.

Fixing all vulnerabilities is unrealistic, you need to zero in on what matters (Help Net Security, Jun 23 2020)
As technology constantly advances, software development teams are bombarded with security alerts at an increasing rate. This has made it nearly impossible to remediate every vulnerability, rendering the ability to properly prioritize remediation all the more critical, according to WhiteSource and CYR3CON.

Prolific Hacker Made Millions Selling Network Access (Infosecurity Magazine, Jun 24 2020)
Group-IB report details deceptively simple tactics of “Fxmsp”