FINANCIAL INFOSECURITY NEWSLETTER

August 2017

Hackers Descend on Las Vegas to Expose Voting Machine Flaws

Kevin Collier, politico.com, July 30, 2017

Election officials and voting machine manufacturers insist that the rites of American democracy are safe from hackers. But people like Carten Schurman need just a few minutes to raise doubts about that claim.

Read More

4 Ways to Integrate Your Cyber Security Incident Response and Business Continuity Plans

Stephanie Ewing-Ottmers, deltarisk.com, July 12, 2017

In most organizations, cyber security incident response (IR) and business continuity (BC) or disaster recovery (DR) are still considered as separate functions and distinct disciplines. This is clearly a missed opportunity to maximize resources since they are two sides of the same coin.

Read More

Gone Phishing: The Top 10 Attractive Lures

Roy Urrico, cutimes.com, July 13, 2017

What are the most attractive phishing lures? Security alerts, vacation and sick time policy announcements, and package delivery notifications, according to simulated test findings from Tampa Bay, Fla. cybersecurity firm KnowBe4.

Read More

Beware of These Top 10 Phishing Emails. Would You Fall for Them?

Robert Hackett, fortune.com, July 13, 2017

One hazard of being a cybersecurity reporter is that attackers send phishing emails to my inbox on a daily basis. If you don’t believe me, ask the security team at Time Inc., Fortune’s parent company.

Read More

A $10 Hardware Hack that Wrecks IoT Security

Lily Hay Newman, wired.com, July 29, 2017

Most consumer tech manufacturers figure that once a hacker can physically access a device, there’s not much left that can be done to defend it. But a group of researchers known as the Exploitee.rs say that giving up too soon leaves devices susceptible to hardware attacks that can lead to bigger problems.

Read More

Enterprise IT Leaders Demand More Stringent Cyber Security from Suppliers

Nick Ismail, information-age.com, July 31, 2017

CybSafe, the behavioural science based cyber security e-learning platform, today revealed that enterprise level organisations are increasingly assessing cyber security during supplier contract negotiations.

Read More

Creating a Common Language of Cybersecurity

Robert K. Ackerman, afcea.org, August 1, 2017

The Office of the Director of National Intelligence is developing a set of common definitions to unify descriptions of cyberthreats used by different elements of the intelligence community. The effort seeks to bridge differences among various segments of the community when it comes to assessing these threats and reporting them to government organizations and industry.

Read More

A Pen Tester’s Perspective on Petya Ransomware

Noah Powers, deltarisk.com, July 26, 2017

There’s no shortage of analysis on the Petya ransomware strain that struck organizations across the globe in the past month. You can find blog posts and articles covering practically every angle – from the machine language nuances of the code, to the length of the encryption key, to the possible nationality of the code writer.

Read More

[Opinion] The Biggest Threat to Cybersecurity is Not Enough Info Sharing

Lloyd McCoy Jr., csoonline.com, July 26, 2017

Even the Department of Defense is working hard to keep pace with the changing landscape of cybersecurity threats. The key, by most estimates, is information sharing. But whether the DOD and other agencies are ready for the level of sharing required is another matter.

Read More