INFOSECURITY NEWSLETTER

September 19, 2018

[Webinar] Build a Managed Service Dream Team: Why MSPs and MSSPs Need to Join Forces

Join our experts for an on-demand webinar for more insights on the benefits of teaming with an MSSP, and why Delta Risk may be the right partner for your business.

View it On Demand


Developing Cyber Security Incident Response Plans for Industrial Control Systems

Stephanie Ewing, deltarisk.com, September 14, 2018

For many organizations, cyber security program and cyber security incident response plans (CSIRPs) also need to consider industrial control systems (ICS) when we look at the protection of critical services. Most often our discussions about Cyber Security Incident Response Plans (CSIRP) are focused on data security incidents. We know that across all industries, data contained in information systems are a target. Our traditional approach follows the mantra of protecting the confidentiality, integrity and availability (CIA) of data.

Read More


How a Cyber Attack Could Cause the Next Financial Crisis

Paul Mee and Til Schuermann, hbr.org, September 14, 2018

Ever since the forced bankruptcy of the investment bank Lehman Brothers triggered the financial crisis 10 years ago, regulators, risk managers, and central bankers around the globe have focused on shoring up banks’ ability to withstand financial shocks. But the next crisis might not come from a financial shock at all. The more likely culprit: a cyber attack that causes disruptions to financial services capabilities, especially payments systems, around the world.

Read More


Enterprise CSI: Utilising Web Browser Forensics for Cyber Security Investigations

Information Age Staff, information-age.com, September 10, 2018

Barry Shteiman, VP, Research and Innovation at Exabeam, explains why browser forensics represents a critical step in the cyber security analyst’s incident response playbook. Enabling them to play ‘digital detective’ helps them reconstruct past events – uncovering which critical systems and assets have been compromised and how. Law enforcement agencies have long been aware of the power of the internet browser to undertake criminal investigations, pulling information from suspect’s browsing history to reconstruct their activities, build a dossier and uncover vital evidence.

Read More


Cyber Criminals Try Swiping Email Logins and Bank Data in Single HRMC Phishing Scam

Clare Hopping, itpro.co.uk, September 17, 2018

MalwareBytes has uncovered an HMRC phishing scam that aims to swipe taxpayers’ personal details (including mother’s maiden name) and card details. The hackers send an email to victims, claiming to be from HMRC regarding a tax refund. The email specifies how much is due as a refund (around the £500 mark) and says that the refund claim deadline falls on the date of the email – prompting anyone wanting to get their money back to click on it immediately.

Read More


State Department Confirms Breach of Unclassified Email System

Ms. Smith, csoonline.com, September 19, 2018

The U.S. State Department confirmed it suffered a data breach that exposed employee data; the breach affected the State Department’s unclassified email system. It’s not like the agency suddenly decided to tell the public about the breach, though. The incident came to light only after Politico got hold of a Sept. 7, 2018, “Sensitive but Unclassified” notice about the breach.

Read More


FBI: Phishing Attacks Aim to Swap Payroll Information

Dark Reading Staff, darkreading.com, September 19, 2018

The FBI’s Internet Crime Complaint Center (IC3) reports a wave of social engineering attacks aiming to steal employees’ login credentials so they can break into online payroll accounts. Attackers send their targets phishing emails designed to capture login credentials, the IC3 states. They use these to access employees’ payroll, change their bank account data, and add rules so the victim doesn’t receive alerts regarding direct deposit changes.

Read More


Hackers Selling Research Phished From Universities on WhatsApp

Lisa Vaas, nakesecurity.sophos.com, September 18, 2018

Iranian hackers have reportedly breached top British universities – including Oxford and Cambridge – to steal what the Telegraph says are “millions” of papers and academic research documents that they then put up for sale via WhatsApp and websites. The publication reported on Friday that much of the subject matter is bland, but some of the papers covered topics including nuclear development and computer encryption.

Read More


Awareness and Tendency Towards Risky Online Behavior

Help Net Security Staff, helpnetsecurity.com, September 18, 2018

Spanning Cloud Apps announced the results of a survey of over 400 full-time U.S. employees on their awareness of and tendency towards risky online behavior. The study measured U.S. workers’ risk aversion for a range of behaviors, including use of online account credentials, susceptibility to phishing attacks and potential for data loss. It found that, while employees are generally risk averse, more than half (55 percent) admitted to clicking links they didn’t recognize, 45 percent said they would allow a colleague to use their work computer and 34 percent were unable to identify an unsecure ecommerce site.

Read More


Insurance Experts Expect Higher Cyber-Related Losses

Help Net Security Staff, helpnetsecurity.com, September 18, 2018

Insurance companies are expecting increased cyber-related losses across all business lines over the next 12-months, driven by increasing reliance on technology and high-profile cyber-attacks, according to Willis Towers Watson. The survey reveals that over 60% of respondents estimate it is likely to incur more than one cyber related loss for every hundred non-cyber covered losses over the next 12 months in all lines of business apart from workers compensation compared to less than 50% in any line of business in 2017.

Read More

Sign Up for Our Newsletter

financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

June 2018: 6th

May 2018: 2nd, 9th, 30th

April 2018: 4th, 11th, 18th, 25th

March 2018: 7th, 14th, 21st, 28st

February 2018: 7th, 14th, 21st, 28th

January 2018: 3rd, 10th, 17th, 24th, 31st

December 2017: 6th, 13th, 20th

November 2017: 1st, 15th, 29th

October 2017: 4th, 11th, 18th, 25th

September 2017: 6th, 13th, 20th, 27th

August 2017: 2nd, 9th, 16th, 23rd, 30th

July 2017: 5th, 12th, 19th, 26th

June 2017: 7th, 14th, 21st, 28th

May 2017: 3rd, 10th, 17th, 24th, 31st

April 2017: 5th, 12th, 19th, 26th

March 2017: 1st, 8th, 15th, 22nd, 29th

February 2017: 1st, 8th, 13th, 22nd

January 2017: 4th, 11th, 18th, 24th

December 2016: 7th, 14th, 21st, 28th


top cyber incident pain points