The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. Colonial Pipeline Struggles to Restart After Ransomware Attack (SecurityWeek, May 09 2021) Operators of the Colonial Pipeline are struggling to get fuel flowing at normal capacity after a cyberattack forced a shutdown of distribution system, the largest refined products
A Review of the Best News of the Week on Cybersecurity Management & Strategy A Closer Look at the DarkSide Ransomware Gang (Krebs on Security, May 11 2021) The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial
A Review of the Best News of the Week on Identity Management & Web Fraud Hackers Leak Personal Data of Washington DC Police Officers (VICE, May 11 2021) The ransomware gang Babuk released the personal details of several Metropolitan Police Department officers—essentially a full dox—in an attempt to extort the
A Review of the Best News of the Week on Cloud Security, DevOps, AppSec Google Releases Open Source Tool for Verifying Containers (SecurityWeek, May 10 2021) Google has released a new open-source tool called cosign to make it easier to manage the process of signing and verifying container images. Researcher
A Review of the Best News of the Week on AI, IoT, & Mobile Security Security researcher successfully jailbreaks an Apple AirTag (Ars Technica, May 10 2021) Successful jailbreak increases existing AirTag security and privacy concerns. Apple brass discussed disclosing 128-million iPhone hack, then decided not to (Ars Technica, May
A Review of the Best News of the Week on Cyber Threats & Defense Colonial Pipeline Struggles to Restart After Ransomware Attack (SecurityWeek, May 09 2021) Operators of the Colonial Pipeline are struggling to get fuel flowing at normal capacity after a cyberattack forced a shutdown of distribution system, the largest refined
The Top 15 Security Posts – Vetted & Curated *Threats & Defense* 1. MITRE Adds MacOS, More Data Types to ATT&CK Framework (Dark Reading, Apr 30 2021) Version 9 of the popular threat matrix will improve support for a variety of platforms, including cloud infrastructure. 2. Tesla Car Hacked Remotely
A Review of the Best News of the Week on Cybersecurity Management & Strategy DoD Lets Researchers Target All Publicly Accessible Info Systems (Dark Reading, May 05 2021) The Department of Defense expands its vulnerability disclosure program to include a broad range of new targets. More US agencies potentially hacked,
A Review of the Best News of the Week on Identity Management & Web Fraud Your Old Phone Number Can Be Used to Hack You, Study Finds (VICE, May 06 2021) The majority of old phone numbers are still tied to important online accounts that can be easily taken over