INFOSECURITY NEWSLETTER

December 20, 2017

[Webinar] Flying Blind: 2017 Cloud Configurations Gone Wrong

In this webinar, we’ll take a look at 2017 cloud data breaches: what went wrong and how to avoid the same fate. What are some of the telltale signs a misconfiguration is going to put your critical assets at risk? How can you avoid a misconfiguration in the future? Join our team of cloud security experts for a 45-minute webinar to learn more about the steps you can take to improve your cloud security posture and keep your critical information protected.

View it On Demand

9 AWS Secrets You Need to Know Before Moving to the Cloud

Lauren McKenna, deltarisk.com, December 14, 2017

Cloud security is a hot topic lately, and for good reason. As more businesses have migrated to the cloud, there have been more data breaches. In our recent webinar, Flying Blind: 2017 Cloud Configurations Gone Wrong, cloud security experts John Hawley and Mike Piscopo detailed several of the worst misconfiguration disasters we’ve seen this year. Among the data breach incidents we covered in our webinar, there were several in the Amazon Web Services (AWS) Cloud.

Read More


Android Malware Will Destroy Your Phone. No Ifs and Buts About It

Catalin Cimpanu, bleepingcomputer.com, December 18, 2017

A malware strain known as Loapi will damage phones if users don’t remove it from their devices. Left to its own means, this modular threat will download a Monero cryptocurrency miner that will overheat and overwork the phone’s components, which will make the battery bulge, deform the phone’s cover, or even worse. Discovered by Kaspersky Labs, researchers say Loapi appears to have evolved from Podec, a malware strain spotted in 2015.

Read More

2017 Year in Review: Cyber-Security Faces Challenges Old and New

Sean Michael Kerner, eweek.com, December 19, 2017

As 2017 draws to close, it’s a good time to reflect on the year that was in cyber-security. In many respects, this was a landmark year for cyber-security, with the scale of attacks and breaches reaching new heights as organizations struggled to stay safe. A number of key cyber-security events took place in 2017—involving ransomware, including WannaCry and NotPetya; misconfigured Amazon cloud storage disclosures; new vulnerabilities such as KRACK; and mega-breaches such as the Equifax attack.

Read More


Five Things CIOs Can Do as IoT Adoption Turns Into a Nightmare

Subho Halder, helpnetsecurity.com, December 18, 2017

There is no doubt that IoT technology has tremendous potential to improve outcomes for customers and also deliver significant business outcomes. As businesses are increasing investment on IoT, security professionals are going through a nightmare implementing secure deployments. While there are numerous benefits, the highly interconnected nature of IoT setups and deployments coupled with their open nature and diverse hardware is creating a new set of security problems to deal with.

Read More

[Video] Symantec CEO on Why Consumers Need to Step Up Their Cybersecurity

CBS News, cbsnews.com, December 15, 2017

According to a recent report, cybercrime is now costing the world trillions of dollars every year. The U.S. has seen a number of massive cyberattacks in 2017 including hacks of companies like Uber, Verizon, Anthem, Microsoft, X-Box and Google and impacting millions customers. The Equifax hack alone exposed the data of more than 145 million Americans.

Read More

Your Company’s Cybersecurity Score is as Important as Its Credit Rating

Leah Brown, techrepublic.com, December 15, 2017

Gartner recently released a report showing major cyberattacks are coming. TechRepublic’s Dan Patterson met with Gartner’s research director Jeff Wheatman to discuss why companies should keep cybersecurity as their top priority. “It’s no longer just about understanding whether a company you’re going to do business with is credit-worthy, we need to understand what their security posture is, because it’s going to have an impact on our security posture,” Wheatman said.

Read More

Why 0% of US Companies Believe Their Information Security Strategy is Working

Conner Forrest, techrepublic.com, December 13, 2017

No US company has an information security function that is meeting all of its needs, according to EY’s Global Information Security Survey. According to the survey, 0% of US companies in 2017 said their security needs were fully met by their current information security function, down from 11% in 2016. The number was 11% for companies worldwide.

Read More


You’re Probably Putting Your Company’s Cybersecurity at Risk

Erin Carson, cnet.com, December 14, 2017

There’s a solid chance you’re jeopardizing your company’s cybersecurity. Out of more than 1,000 office workers surveyed by business cloud company Intermedia, 99 percent said they did something that could leave their company at risk, according to a report out Wednesday. So what are those sinister actions? They’re things like automatically saving work passwords on work devices — 96 percent do that — and using personal devices to send documents for work.

Read More

Security First Approach Provides a Significant Advantage to Law Firms

Mark Sangster, law.com, December 20, 2017

Monumental cyber events, such as the recent Equifax breach, draw enormous press attention, public outrage and government scrutiny. The coverage is almost exclusively negative, challenging the security capabilities of the firm and questioning whether negligence played a role. These breach stories fuel a security industry that all too often feeds on fear, uncertainty and doubt — a practice collectively referred to as selling FUD.

Read More

Sign Up for Our Newsletter

financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

June 2018: 6th

May 2018: 2nd, 9th, 30th

April 2018: 4th, 11th, 18th, 25th

March 2018: 7th, 14th, 21st, 28st

February 2018: 7th, 14th, 21st, 28th

January 2018: 3rd, 10th, 17th, 24th, 31st

December 2017: 6th, 13th, 20th

November 2017: 1st, 15th, 29th

October 2017: 4th, 11th, 18th, 25th

September 2017: 6th, 13th, 20th, 27th

August 2017: 2nd, 9th, 16th, 23rd, 30th

July 2017: 5th, 12th, 19th, 26th

June 2017: 7th, 14th, 21st, 28th

May 2017: 3rd, 10th, 17th, 24th, 31st

April 2017: 5th, 12th, 19th, 26th

March 2017: 1st, 8th, 15th, 22nd, 29th

February 2017: 1st, 8th, 13th, 22nd

January 2017: 4th, 11th, 18th, 24th

December 2016: 7th, 14th, 21st, 28th


top cyber incident pain points