INFOSECURITY NEWSLETTER

January 16, 2019

[Blog] GAO: Federal Agencies Still Vulnerable to Cyber Attacks

Keith Melancon, deltarisk.com, January 2, 2019

The Government Accountability Office (GAO) says in a new study, GAO-19-105: Federal Information Security, that most federal agencies are falling behind on implementing federal cyber security standards. The study said federal agencies need improvement and called on the agencies to do a better job protecting against intrusions.

Courts Hand Down Hard Jail Time for DDoS

krebsonsecurity.com, January 14, 2019

Seldom do people responsible for launching crippling cyber attacks face justice, but increasingly courts around the world are making examples of the few who do get busted for such crimes. On Friday, a 34-year-old Connecticut man received a whopping 10-year prison sentence for carrying out distributed denial-of-service (DDoS) attacks against several hospitals in 2014.

Vulnerabilities Found in Building Access System Used by Schools, Governments

csoonline.com, January 14, 2019

Tenable Research discovered four zero-day vulnerabilities in IDenticard’s PremiSys access control system, which is used by schools, governments, medical centers, and Fortune 500 companies. Currently no patches are available.

U.S. Government Shutdown Leaves Dozens of .Gov Websites Vulnerable

threatpost.com, January 11, 2019

As the U.S. federal shutdown continues, dozens of U.S. government websites have been rendered either insecure or inaccessible due to expired transport layer security (TLS) certificates that have not been renewed. In fact, .gov websites are using more than 80 TLS certificates that have expired.

Close to 70 Percent of Enterprises Moving Business-Critical Applications to the Cloud

techrepublic.com, January 11, 2019

Nearly 70 percent of enterprise organizations are currently migrating data for enterprise resource planning (ERP) applications to the cloud, according to a report from the Cloud Security Alliance. Almost 90 percent of those surveyed said these ERP apps—most commonly SAP, Oracle, and Microsoft Dynamics—are business-critical, leading to many migration challenges and concerns.

Kitchenware Companies Breached in Dual Attacks

scmagazine.com, January 10, 2019

OXO International, a maker of kitchen utensils, and Discountmugs.com, which sells a variety of promotional materials including mugs, glassware and dinnerware, each reported attacks. OXO in its breach letter of notification to the California attorney general’s office said its e-commerce site was likely breached from June 9, 2017 to November 28, 2017, June 8, 2018 to June 9, 2018, and from July 20, 2018 to October 16, 2018.

NotPetya Victim Mondelez Sues Zurich Insurance for $100 Million

darkreading.com, January 11, 2019

Mondelez, U.S. food distributor and owner of major brands Ritz and Nabisco, has filed a lawsuit against Zurich Insurance Group after its claim seeking $100 million for NotPetya damage was denied. NotPetya struck global companies with a massive ransomware attack back in 2017.

HHS Publishes Voluntary Healthcare Cyber Security Practices for Medical Organizations

securityintelligence.com, January 7, 2019

HHS released “Health Industry Cyber Security Practices (HICP): Managing Threats and Protecting Patients” in response to a mandate to develop healthcare cyber security standards laid out by the Cyber Security Act of 2015. More than 150 cyber security and healthcare experts from the private and public sectors worked together for two years to fulfill this directive.

[News] Delta Risk Achieves Amazon Web Services (AWS) Advanced Partner Status

In case you missed it: Delta Risk recently achieved AWS Advanced Partner Status within the Amazon Web Services Partner Network for our ActiveEye Cloud Security Platform!
