INFOSECURITY NEWSLETTER

January 31, 2018

[Webinar] Data Breach Survival Tactics: Building Actionable Incident Response Plans

In today’s threat landscape, it isn’t a question of if you’ll experience an incident, but when. When a security incident strikes, you’ll need a well-prepared staff and with a battle-tested plan. A mature incident response plan keeps everyone on the same page. Join our incident response experts for a 45-minute webinar to learn how you can quickly contain the impact of a breach, resolve an incident, and get back to business as quickly as possible.

Reserve My Seat

Cloud Security Learning Curve Remains High: Latest Amazon S3 Misconfiguration Illustrates Need for Safety Nets

John Hawley, deltarisk.com, January 25, 2018

We can add yet another sensitive data breach to our lessons learned catalog. This one, involving a large volume of sensitive medical records exposed to the world, goes in the fat folder related to misconfigured storage services. A U.S.-based digital records management company stored this information in a large PDF file, which was then stored in an Amazon Web Services (AWS) Cloud S3 storage bucket. Anyone who had the unique URL associated with the S3 bucket could bypass Amazon encryption to access this privileged information.

Read More


Over a Third of Global Firms Breached in 2017

Phil Muncaster, inforsecurity-magazine.com, January 25, 2018

Over a third (36%) of global organizations were breached last year, a 10% increase from 2016, according to new figures from Thales. The security and defense contractor polled 1200 senior IT executives in Germany, Japan, India, the Netherlands, Sweden, South Korea, the UK and the US to compile its 2018 Thales Data Threat Report.

Read More

Rapid Ransomware Continues Encrypting New Files as they Are Created

Lawrence Abrams, bleepingcomputer.com, January 23, 2018

A new ransomware is being spread called Rapid Ransomware that stays active after initially encrypting a computer and encrypts any new files that are created. While this behavior is not unique to Rapid, it is not a common behavior we see too often. While it is not known how the Rapid Ransomware is being distributed, it has been infecting numerous people starting in January.

Read More


Industries Most at Risk of Phishing Attacks Revealed

Mirko Zorz, helpnetsecurity.com, January 24, 2018

A new KnowBe4 study of phishing statistics for top industries, shows small insurance companies have the highest percentage of phish-prone employees in the small to mid–size organization category. Not-for-profit organizations take the lead in large organizations. The study, drawn from a data set of more than six million users across nearly 11,000 organizations, benchmarks real-world phishing results.

Read More

Why Are So Few Women in Cybersecurity?

Tim Johnson, McClatchy, govtech.com, January 25, 2018

Ellison Anne Williams has a Ph.D. in mathematics, vast experience at the den of wizards known as the National Security Agency and entrepreneurial chops. She’s accomplished and smart. So what happened to her at a recent business meeting left her dismayed, although it is far from uncommon for women in cybersecurity. “I was in the room and the fellow walked in. He stopped dead in his tracks and the first words out of his mouth were, ‘You’re a girl.’ And I said, ‘Yes, what were you expecting?’” said Williams, founder and chief executive of Enveil, a Fulton, Md., data security company.

Read More

Cyber Attacks Surge, Ransomware Leading the Way

Help Net Security Staff, helpnetsecurity.com, January 26, 2018

“Surprising no one, 2017 marked another ‘worst year ever’ in data breaches and cyber incidents around the world,” said Jeff Wilbur, director of the OTA initiative at the Internet Society. “This year’s big increase in cyberattacks can be attributed to the skyrocketing instances of ransomware and the bold new methods of criminals using this attack.”

Read More

How To Make Email Security Central To Your Cybersecurity Strategy In 2018

David Wagner, informationsecuritybuzz.com, January 29, 2018

2017 was another watershed year for cybersecurity. The breaches at Equifax and Yahoo! stand out for their size, but the more troubling development is how much more targeted attacks have become. The HBO attack showed us that hackers are willing to focus on valuable intellectual property or private conversations and hold them hostage for a hefty ransom. The continued attention on the Democratic National Committee hack also revealed that hackers have political agendas that can transcend financial motives.

Read More


[Opinion] Endpoint Detection and Response is Coming – In One Form or Another

Joe Oltsik, csoonline.com, Janaury 23, 2018

A few years ago (2016), my esteemed colleague Doug Cahill and I spoke with 30 enterprise organizations about their endpoint security requirements and strategies. Based upon these discussions, we came up with a concept called the endpoint security continuum. On one end of the continuum lies advanced threat prevention. This software is sometimes referred to as “next-generation AV” because it uses technologies such as machine learning and threat intelligence integration to improve the threat prevention capabilities of traditional AV products.

Read More

3 Biggest Cybersecurity Threats Facing Small Businesses Right Now

Brendan M. Egan, zdnet.com, January 31, 2018

Technology has quickly engulfed the world around us. Everything we do, both at a business and personal level, seems to involve technology in one way or another. However, as that happens, small businesses continue to be a top target for hackers, with the number of organizations hit by cybercrime rising each year.

Read More

Sign Up for Our Newsletter

financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

June 2018: 6th

May 2018: 2nd, 9th, 30th

April 2018: 4th, 11th, 18th, 25th

March 2018: 7th, 14th, 21st, 28st

February 2018: 7th, 14th, 21st, 28th

January 2018: 3rd, 10th, 17th, 24th, 31st

December 2017: 6th, 13th, 20th

November 2017: 1st, 15th, 29th

October 2017: 4th, 11th, 18th, 25th

September 2017: 6th, 13th, 20th, 27th

August 2017: 2nd, 9th, 16th, 23rd, 30th

July 2017: 5th, 12th, 19th, 26th

June 2017: 7th, 14th, 21st, 28th

May 2017: 3rd, 10th, 17th, 24th, 31st

April 2017: 5th, 12th, 19th, 26th

March 2017: 1st, 8th, 15th, 22nd, 29th

February 2017: 1st, 8th, 13th, 22nd

January 2017: 4th, 11th, 18th, 24th

December 2016: 7th, 14th, 21st, 28th


top cyber incident pain points