A Review of the Best News of the Week on Cybersecurity Management & Strategy

Hit by a Ransomware Attack? Your Payment May be Deductible (SecurityWeek, Jun 19 2021)
As ransomware attacks surge, the FBI is doubling down on its guidance to affected businesses: Don’t pay the cybercriminals. But the U.S. government also offers a little-noticed incentive for those who do pay: The ransoms may be tax deductible.

Google Launches SLSA, a New Framework for Supply Chain Integrity (Dark Reading, Jun 17 2021)
The “Supply chain Levels for Software Artifacts” (SLSA) framework aims to ensure the integrity of components throughout the software supply chain.

NIST Publishes Ransomware Guidance (Infosecurity Magazine, Jun 22 2021)
Draft Cybersecurity Framework Profile for Ransomware Risk Management released.

Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~19,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

First American Financial Pays Farcical $500K Fine (Krebs on Security, Jun 18 2021)
In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. [NYSE:FAF] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back more than 16 years. This week, the U.S. Securities and Exchange Commission settled its investigation into the matter after the Fortune 500 company agreed to pay a paltry penalty of less than $500,000.

Baltimore County Public Schools’ Ransomware Recovery Tops $8M (Dark Reading, Jun 21 2021)
The school district has spent seven months and a reported $8.1 million recovering from the November attack.

How Cyber Safe is Your Drinking Water Supply? (Krebs on Security, Jun 21 2021)
Amid multiple recent reports of hackers breaking into and tampering with drinking water treatment systems comes a new industry survey with some sobering findings: A majority of the 52,000 separate drinking water systems in the United States still haven’t inventoried some or any of their information technology systems — a basic first step in protecting networks from cyberattacks.

SentinelOne announces IPO (Help Net Security, Jun 21 2021)
SentinelOne has filed a registration statement on Form S-1 with the U.S. SEC to offer 32,000,000 shares of its Class A common stock to the public. In addition, the company intends to grant the underwriters a 30-day option to purchase up to an additional 4,800,000 shares of its Class A common stock.

73% of enterprises suffer security and compliance issues due to internal misalignment (Help Net Security, Jun 18 2021)
According to Enterprise Management Associates (EMA) and BlueCat’s recently published research report, nearly 3 in 4 enterprises (73%) have suffered security or compliance issues in the past year as a direct result of collaboration challenges between the cloud and networking teams. For security leaders who have spent much of the past five years on better integrating with networking, this represents a newly opened Pandora’s Box of risk that must be addressed.

Lies my vendor told me: sorting through the deceptions and misconceptions in SIEM (SC Media, Jun 21 2021)
Allie Mellen, an analyst at Forrester, former researcher at MIT and Boston University and all-around cybersecurity practitioner, has been laser-focused on trends in the security analytics and tooling markets.

In a recent blog she tackles the growing evolution of security information and event management systems over the past decade and calls out a number of outdated or dishonest criticisms that are regularly lobbed at the technology today.

Akamai Blames Outage on DDoS Protection Service (SecurityWeek, Jun 18 2021)
CDN, cybersecurity and cloud services provider Akamai has blamed an outage that occurred on Thursday on an issue with its Prolexic DDoS attack protection service.

Despite Heightened Cyber-Risks, Few Security Leaders Report to CEO (Dark Reading, Jun 22 2021)
A new report suggests that top management at most companies still don’t get security.

The paradox of post-quantum crypto preparedness (Help Net Security, Jun 23 2021)
Preparing for post-quantum cryptography (PQC) is a paradox: on the one hand, we don’t know for sure when, or perhaps even if, a large quantum computer will become available that can break all current public-key cryptography.

Ransomware decreases as cybercriminals hit more lucrative targets (Help Net Security, Jun 22 2021)
McAfee released a report examining cybercriminal activity related to malware and the evolution of cyber threats in the first quarter of 2021. The quarter saw cyber adversaries shift from low-return, mass-spread ransomware campaigns toward fewer, customized Ransomware-as-a-Service (RaaS) campaigns targeting larger, more lucrative organizations.

Ransomware Payments Could Be Tax Deductible – Report (Infosecurity Magazine, Jun 23 2021)
Another silver lining for firms that choose to pay their extorters.

Russian intelligence service chief says Moscow will work with US to find hackers (SC Media, Jun 23 2021)
Sources familiar with United States thinking on the matter believe Russia has in the past used information shared about domestic criminals as a recruitment tool, and Russia has been known to push the boundaries of other reciprocity agreements, using Interpol to pursue dissidents for example.

Lawsuits filed against Scripps Health following ransomware attack, data theft (SC Media, Jun 22 2021)

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer (Schneier on Security, Jun 23 2021)
“Marketing materials left exposed online by a third-party claim Mollitiam’s interception products, dubbed “Invisible Man” and “Night Crawler,” are capable of remotely accessing a target’s files, location, and covertly turning on a device’s camera and microphone. Its spyware is also said to be equipped with a keylogger, which means every keystroke made on an infected device — including passwords, search queries and messages sent via…”

D3FEND Framework Seeks to Lay Foundation for Cyber Defense (Dark Reading, Jun 24 2021)
The MITRE project, funded by the National Security Agency, aims to create a foundation for analyzing and discussing cyber defenses and could shake up the vendor community.

Tulsa Officials Warn Ransomware Attackers Leaked City Files (Dark Reading, Jun 24 2021)
The group behind the May 2021 attack has shared more than 18,000 files via the Dark Web, mostly internal department files and police citations.

John McAfee, Creator of McAfee Antivirus Software, Dead at 75 (Dark Reading, Jun 24 2021)
McAfee, who was being held in a Spanish jail on US tax-evasion charges, had learned on Monday he would be extradited to the US.