A Review of the Best News of the Week on Identity Management & Web Fraud

Internet Freedom Has Taken a Hit During the Covid-19 Pandemic (Wired, Oct 14 2020)
From surveillance to arrests, governments are using the novel coronavirus as cover for a crackdown on digital liberty.

2020 brings unique levels of PKI usage challenges (Help Net Security, Oct 13 2020)
Organizations are rapidly increasing the size, scope and scale of their data protection infrastructure, reflected in dramatic rises in adoption of public key infrastructure (PKI) across enterprises worldwide, according to Entrust research. PKI is at the core of nearly every IT infrastructure, enabling security for critical digital initiatives such as cloud, mobile device deployment, identities and the IoT.

Amazon’s Latest Gimmicks Are Pushing the Limits of Privacy (Wired, Oct 11 2020)
Privacy advocates warn that the Ring Always Home Cam and Amazon One both normalize aggressive new forms of data collection.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

How to avoid the most common mistakes of an identity governance program (Help Net Security, Oct 09 2020)
It’s a story I have seen play out many times over two decades in the Identity and Access Management (IAM) field: An organization determines that it needs a more robust Identity Governance and Administration (IGA) program, they kick off a project to realize this goal, but after a promising start, the whole effort falls apart within six to twelve months.

25% of BEC Cybercriminals Based in the US (Dark Reading, Oct 13 2020)
While the US is known to be a prime target for BEC attacks, just how many perpetrators are based there came as a surprise to researchers.

Governments Use Pandemic to Crack Down on Online Dissent: Watchdog (SecurityWeek, Oct 14 2020)
Governments around the world are using the pandemic as a justification to expand surveillance and crack down on dissent online, resulting in a 10th consecutive annual decline in internet freedom, a human rights watchdog report said Wednesday.

Marketing Firm Spills Nearly Three Million Records (Infosecurity Magazine, Oct 09 2020)
Cloud configuration snafu to blame again

Redefining PII as We Trade Convenience for Risk in a Contactless World (SecurityWeek, Oct 08 2020)
Since the beginning of the COVID-19 pandemic, my favorite restaurant in my little neighborhood in Seattle has undergone some operational changes. 

Cyber-attacks on Angolan Journalists Who Reported Government Corruption (Infosecurity Magazine, Oct 09 2020)
Journalists in Angola hit by cyber-attacks after reporting that the president’s chief of staff had embezzled money

Tennessee Health Data Management Firm Agrees to $2m Data Breach Settlement (Infosecurity Magazine, Oct 09 2020)
Community Health Systems settles charges brought by 28 states over 2014 data breach

Hackers Publish Public School District’s Stolen Data Online (SecurityWeek, Oct 12 2020)
Computer hackers who obtained information about a Virginia public school district’s students and employees have posted stolen data online, school officials said Friday in an email to parents and staff.

CPRA: More opportunity than threat for employers (Help Net Security, Oct 12 2020)
Increasingly demanded by consumers, data privacy laws can create onerous burdens on even the most well-meaning businesses. California presents plenty of evidence to back up this statement, as more than half of organizations that do business in California still aren’t compliant with the California Consumer Privacy Act (CCPA), which went into effect earlier this year.