A Review of the Best News of the Week on Cybersecurity Management & Strategy

Google’s Project Zero Finds a Nation-State Zero-Day Operation (Schneier on Security, Apr 08 2021)
Google’s Project Zero discovered, and caused to be patched, eleven zero-day exploits against Chrome, Safari, Microsoft Windows, and iOS. This seems to have been exploited by “Western government operatives actively conducting a counterterrorism operation”:

The exploits, which went back to early 2020 and used never-before-seen techniques, were “watering hole” attacks that used infected websites to deliver malware to visitors. They caught the attention of cybersecurity experts thanks to their…

Booking.com Fined $558,000 for Late Breach Notification (Infosecurity Magazine, Apr 01 2021)
Dutch regulator brands 2018 incident a “serious violation”

DHS Secretary Outlines Biden Administration’s Cybersecurity Vision (Infosecurity Magazine, Apr 01 2021)
DHS secretary Alejandro Mayorkas spoke during RSAC webcast

Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn

Hackers Demand $40M in Ransom From Florida School District (Dark Reading, Apr 02 2021)
District officials say they have no intention of paying the ransom

University of California Victim of Nationwide Hack Attack (SecurityWeek, Apr 05 2021)
The University of California is warning its students and staff that a ransomware group might have stolen and published their personal data and that of hundreds of other schools, government agencies and companies nationwide.

White Hats Earn $440,000 for Hacking Microsoft Products on First Day of Pwn2Own 2021 (SecurityWeek, Apr 07 2021)
On the first day of the Pwn2Own 2021 hacking competition, participants earned more than half a million dollars, including $440,000 for demonstrating exploits against Microsoft products.

What Really Caused Facebook’s 500M-User Data Leak? (Wired, Apr 06 2021)
The company’s explanations have been confusing and inconsistent, but there are finally some answers.

US adds Chinese supercomputing companies to export blacklist (Ars Technica, Apr 09 2021)
Biden administration tightens controls on tech that aids China’s military.

How purple teams deliver actionable data to security pros (SC Media, Apr 02 2021)
Following the SolarWinds hack security pros are turning to purple teams to lock down security. Today’s columnist, Victor Wieczorek of GuidePoint Security, offers a four-step process for deploying a purple team.

New CISOs should focus more on people and less on tech, report finds (SC Media, Mar 31 2021)
A new CISO must take steps to build relationships, while also making sure not to alienate other business units or harm the security team’s brand.

The post New CISOs should focus more on people and less on tech, report finds appeared first on SC Media.

“I’m sorry, we’re closed”: Why most ransomware attacks happen out of hours (Darktrace Blog, Apr 01 2021)
When employees have logged off, and security teams are away from their desks, that’s prime time for attackers to strike. This blog discusses how cyber-criminals time their attacks to fall during weekends or holiday periods, and how defensive AI can stay awake and fight back.

Molson Coors Cyberattack, Storms Could Cost Company $140 Million (SecurityWeek, Apr 01 2021)
Cyber Incident and Texas Storms Will Delay Between 1.8 and 2.0 Million Hectoliters of Beer Production and Shipments

US DoD Launches Vuln Disclosure Program for Contractor Networks (SecurityWeek, Apr 06 2021)
The United States Department of Defense (DoD) this week announced the launch of a new vulnerability disclosure program on HackerOne to identify vulnerabilities in Defense Industrial Base (DIB) contractor networks.

All Eyes on PCAP: The Gold Standard of Traffic Analysis (SecurityWeek, Apr 06 2021)
PCAP Enables Defenders to See and Capture Exactly What Has Happened Across a Network, But Comes With Challenges

Ransom Gangs Emailing Victim Customers for Leverage (Krebs on Security, Apr 05 2021)
Some of the top ransomware gangs are deploying a new pressure tactic to push more victim organizations into paying an extortion demand: Emailing the victim’s customers and partners directly, warning that their data will be leaked to the dark web unless they can convince the victim firm to pay up.

Ryuk’s Rampage Has Lessons for the Enterprise (Dark Reading, Apr 06 2021)
The Ryuk ransomware epidemic is no accident. The cybercriminals responsible for its spread have systematically exploited weaknesses in enterprise defenses that must be addressed.

Office Depot Configuration Error Exposes One Million Records (Infosecurity Magazine, Apr 07 2021)
Researchers say Elasticsearch database may have been open for 10 days

Fortune 500 Security Shows Progress and Pitfalls (Dark Reading, Apr 07 2021)
Fortune 500 companies have improved on email security and vulnerability disclosure programs but struggle in asset management and high-risk services.

Jason Witty: ‘We have to adapt to new ways of thinking’ (SC Media, Apr 08 2021)
Jason Witty, head of cybersecurity and technology controls, and global chief information security officer for JPMorgan Chase, says security leaders must be in a mode of constant learning.

Krebs: It’s time for a law that invests in the digital infrastructure (SC Media, Apr 07 2021)
The former head of the CISA advocated for the equivalent of block grants to state and local government to modernize IT infrastructure, which in turn would boost citizen services, business growth, jobs, “and yes, help stop ransomware.”