A Review of the Best News of the Week on Cybersecurity Management & Strategy

The Life Cycle of a Breached Database (Krebs on Security, Jul 29 2021)
Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.

No More Ransom: We Prevented Ransomware Operators From Earning $1 Billion (SecurityWeek, Jul 26 2021)
No More Ransom is celebrating its 5th anniversary and the project says it has helped more than 6 million ransomware victims recover their files and prevented cybercriminals from earning roughly $1 billion.

How to develop a skilled cybersecurity team (Help Net Security, Jul 26 2021)
What skills should aspiring information security workers possess and work on? What certifications can come in handy more than others? What strategies should organizations employ to develop a well-staffed cybersecurity team? Where should they look for talent? What advice do those already working in the field have for those who want to enter it? (ISC)² wanted to know the answer to these and other questions, so they asked 1,024 infosec professionals and 1,010 cybersecurity job…


Filter Out the Noise
Since I started this curated security news in June 2017, I’ve clipped ~20,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

VPN servers seized by Ukrainian authorities weren’t encrypted (Ars Technica, Jul 26 2021)
Company says it’s in the process of overhauling its VPN offerings to better secure them.

Kaseya Denies Paying Cybercriminals Who Launched Ransomware Attack (SecurityWeek, Jul 27 2021)
IT management software firm Kaseya on Monday said it did not pay any money to cybercriminals, following speculation that it may have paid a ransom to obtain a decryptor that would allow customers hit by the recent ransomware attack to recover their files.

S.Africa’s Port Terminals Still Disrupted Days After Cyber-Attack (SecurityWeek, Jul 27 2021)
South Africa’s state-owned logistics firm said Tuesday it was working to restore systems following a major cyber-attack last week that hit the country’s key port terminals.

Microsoft researcher found Apple 0-day in March, didn’t report it (Naked Security – Sophos, Jul 28 2021)
Ut tensio, sic uis! Does twice the bug pile on twice the pressure to fix it?

What’s the Deal With That Security Slot on Your Laptop, Anyway? (VICE, Jul 26 2021)
What the heck is a Kensington security slot, and why does your computer probably have one? And how well does it really work, anyway? I asked a guy who designed locks for it.

CISOs operating blind, with limited visibility and control (Help Net Security, Jul 27 2021)
An overwhelming percentage (75%) of CISOs consider their organization to be at greater risk of a cybersecurity attack due to the transition to home working, with a third admitting they’ve taken their eye off the ball during these past 12 months, losing track of leavers and devices, according to a new survey from BlueFort Security, a provider of cybersecurity solutions.

Creating an Effective Threat Hunting Program with Limited Resources (SecurityWeek, Jul 27 2021)
Developing various data sets for threat hunting engagements will further mature your program and help uncover the unknown

A Controversial Tool Calls Out Vulnerabilities Across the Web (Wired, Jul 27 2021)
PunkSpider is back, and crawling hundreds of millions of sites for vulnerabilities.

US Acting to Better Protect Infrastructure From Cyberthreats (SecurityWeek, Jul 28 2021)
The Biden administration is taking steps to harden cybersecurity defenses for critical infrastructure, announcing on Wednesday the development of performance goals and a voluntary public-private partnership to protect core sectors.

Biden warns cyber attacks could lead to a “real shooting war” (Ars Technica, Jul 28 2021)
US president’s remarks follow breaches that paralyzed critical services.

Average total cost of a data breach increased by nearly 10% year over year (Help Net Security, Jul 29 2021)
Data breaches now cost companies a total of $4.24 million per incident on average, according to the Cost of a Data Breach Report, conducted by Ponemon Institute and analyzed by IBM Security.

How Low-level Hackers Access High-end Malware (SecurityWeek, Jul 29 2021)
Hacking tool downloads from underground forums are increasing, and the tools are becoming more sophisticated; low-level hackers are gaining access to hacked versions of sophisticated tools; access broking is growing; and existing tools are repurposed for more aggressive attacks.

Why isn’t cloud backup part of common security practices? (Help Net Security, Jul 30 2021)
The threat of ransomware is omnipresent, and the tactics deployed by cybercriminals are constantly evolving to wreak as much havoc as possible. Recent attacks like the one on Kaseya serve as an important reminder that when ransomware strikes, it’s not just your data that’s at risk, but your whole business.

21-Year-Old Woman Pleads Guilty to Sending Phishing Emails to Political Candidates (SecurityWeek, Jul 30 2021)
A 21-year-old Rhode Island woman has pleaded guilty to targeting candidates for political office and their campaign staff with phishing emails.

The woman, Diana Lebeau, of Cranston, R.I., admitted in court to sending phishing emails to roughly 22 members of the campaign staff of a political candidate, posing as the campaign’s managers or co-chairs.