A Review of the Best News of the Week on Cybersecurity Management & Strategy

Mandiant to Re-Emerge After $1.2 Billion FireEye Sale (Infosecurity Magazine, Jun 03 2021)
The deal will see STG acquire FireEye’s network, email, endpoint and cloud security products.

Meat Is Latest Cyber Victim as Hackers Hit Top Supplier JBS (Yahoo, Jun 01 2021)
The world’s biggest meat supplier has become the latest casualty of a cybersecurity attack, posing a fresh threat to global food security already rattled by the Covid-19 pandemic.

CISA Issues MITRE ATT&CK Mapping Guide for Threat Intelligence Analysts (SecurityWeek, Jun 03 2021)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the availability of a new guide for cyber threat intelligence analysts on the use of the MITRE ATT&CK framework.


Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

3 SASE Misconceptions to Consider (Dark Reading, May 31 2021)
SASE is all the rage, promising things IT leaders have long dreamed about, but a purist approach may create consequences.

Resilience: RSA Conference 2021 (SecurityWeek, May 28 2021)
For many of us, RSA Conference 2020 in San Francisco was the last time we came together as a community, met with colleagues, and saw new technology offerings. It was one of the last global events held in person before the lockdown, and since that time, we’ve had to switch to digital methods for interaction and communication.

Security leaders more concerned about legal settlements than regulatory fines (Help Net Security, May 31 2021)
An overwhelming 90% of security leaders are concerned about group legal settlements following a serious data breach, compared to 85% who are worried about regulatory fines, Egress reveals. Launched to commemorate three years of GDPR, the research also found that 47% of consumers would likely join a class-action lawsuit against an organization that had leaked their data, proving security leaders’ fears to be accurate.

Security Vulnerability in Apple’s Silicon “M1” Chip (Schneier on Security, Jun 01 2021)
“The website for the M1racles security vulnerability is an excellent demonstration that not all vulnerabilities are exploitable. Be sure to read the FAQ through to the end.”

Model Sues Law Firm Over Data Breach (Infosecurity Magazine, Jun 01 2021)
Goldberg Segalla accused of leaking fashion model’s personal information on PACER

The DarkSide Ransomware Gang (Schneier on Security, Jun 02 2021)
“The New York Times has a long story on the DarkSide ransomware gang.

A glimpse into DarkSide’s secret communications in the months leading up to the Colonial Pipeline attack reveals a criminal operation on the rise, pulling in millions of dollars in ransom payments each month.

DarkSide offers what is known as “ransomware as a service,” in which a malware developer charges a user fee to so-called affiliates like Woris, who may not have the technical skills to actually create ransomware but are…”

Modern SOCs a ‘Painful’ Challenge Amid Growing Complexity: Report (Dark Reading, May 28 2021)
A new study examines the tools and technologies driving investment and activities for security operations centers.

Rethinking SIEM requires rethinking visibility (Help Net Security, May 31 2021)
Security professionals now generally recognize that siloed security tools and systems have undercut efforts to find active attacks more quickly and efficiently. Information security began decades ago with strategies of taking a layered approach and even relying on a heterogeneous mix of vendors. This meant that desktop or endpoint solutions were separate and from different manufacturers than those for gateway or cloud.

Rating Cyber Security Practitioners (Privacy, Power, & Protection In The Cyber Century, May 27 2021)
“Perhaps I’m unduly harsh on the certification bodies. There’s a part for them to play in this too. If the idea of Elo for Cyber Security professionals caught on, there would be a market for courses, exercises, mock tournaments, books, and coaching. Both the training providers and the students could point to a concrete outcome and justify their investment of time and money.”

CISO Confidence Is Rising, but Issues Remain (Dark Reading, Jun 01 2021)
New research reveals how global CISOs dealt with COVID-19 and their plans for 2022-2023.

A CISO’s Guide: Mitigating the Human Risk Factor (Help Net Security, Jun 01 2021)
Security teams deploy several technologies to protect their attack vectors (network, endpoints, email, web, cloud apps, etc.). But what about the human attack surface? Verizon’s 2021 data breach report shows phishing is responsible for the vast majority of breaches and Business Email Compromises were the second most common form of social engineering.

House bill would require federal contractors to put in place vulnerability disclosure programs (SC Media, Jun 01 2021)
Though contracts would not require remediation of vulnerabilities brought in through the programs, the government would be able to not renew contracts with companies whose handling of vulnerabilities raised researchers’ ire.

US Seizes Attacker Domains Used in USAID Phishing Campaign (Dark Reading, Jun 01 2021)
The move follows last week’s disclosure of an ongoing attack designed to mimic emails from the US Agency for International Development.

US Seizes 2 Domain Names Used in Cyberespionage Campaign (SecurityWeek, Jun 02 2021)
The Justice Department said Tuesday that it has seized two domain names used in a cyberespionage campaign that targeted U.S. and foreign government agencies, think tanks and humanitarian groups.

Fujifilm Shuts Down Servers to Investigate Possible Ransomware Attack (Infosecurity Magazine, Jun 03 2021)
The company is investigating possible unauthorized access and has partially shut down its servers.

Many CISOs Blame Cyberattack Surge on Remote Working: VMware (SecurityWeek, Jun 03 2021)
Cybersecurity professionals have seen a surge in cyberattacks in the past year, and many blamed the trend on more employees working from home due to the COVID-19 pandemic, according to a report published on Thursday by VMware.

Backup appliance firm pays out $2.6 million ransom to attackers (Graham Cluley, Jun 03 2021)
The Conti ransomware gang has successfully managed to extort millions of dollars out of an organisation once again. What’s notable on this occasion is that the Conti group’s corporate victim is ExaGrid, a backup company.