INFOSECURITY NEWSLETTER

June 14, 2017

3 Things You Need to Know About Cyber Security in an IoT and Mobile World

Jason Hiner, Zdnet.com, June 11, 2017

Cybersecurity fears continue to grow as the digital revolution embeds itself in new parts of society every day. We discuss the topic in-depth in our ZDNet/TechRepublic special report “Cybersecurity in an IoT and Mobile World.” To sum it all up, here are the three things you need to know about cybersecurity in the world that is increasingly dominated by mobile technology and the Internet of Things.


New York Cyber Security Regulations: Are You Ready to Implement 23 NYCRR 500?

Zackery Mahon, Deltarisk.com, June 8, 2017

March 1, 2017, marked the day that “23 NYCRR 500” (the New York Cyber Security Regulation) went into full effect for all New York Department of Financial Services (NYDFS) regulated individuals and organizations. These groups are required to adopt programs, policies, and procedures to protect their most sensitive information and assets from cyber security threats.


OCR Issues a Cyberattack Response ‘Checklist’

Marianne Kolbasuk, Govinfosecurity.com, June 9, 2017

Federal regulators have issued new materials to aid healthcare organizations and their vendors in their “quick response” to cyberattacks. The checklist and infographic from the Department of Health and Human Services’ Office for Civil Rights are part of HHS’ ongoing campaign to help improve awareness and especially readiness of healthcare sector entities in dealing with escalating cyberattacks.


The Behavioral Economics of Why Executives Underinvest in Cybersecurity

Alex Blau, Hbr.org, June 7, 2017

Determining the ROI for any cybersecurity investment, from staff training to AI-enabled authentication managers, can best be described as an enigma shrouded in mystery. The digital threat landscape changes constantly, and it’s very difficult to know the probability of any given attack succeeding — or how big the potential losses might be. Even the known costs, such as penalties for data breaches in highly regulated industries like health care, are a small piece of the ROI calculation.


40,000 Subdomains Tied to RIG Exploit Kit Shutdown

Michael Mimoso, Threatpost.com, June 5, 2017

Tens of thousands of illegally established subdomains used by criminals involved with the RIG Exploit Kit were recently taken down after an investigation revealed that hackers were phishing domain account credentials to set up these subdomains. Most of the subdomains used GoDaddy as the primary domain registrar.


Majority of DDoS Attacks are Short, Low-Volume Bursts

Dark Reading Staff, Darkreading.com, June 5, 2017

DDoS attacks largely fall into the camp of short, low-volume sieges, but large-volume attacks are sharply on the rise, according to a study released today. Short, low-volume DDoS attacks still account for the majority of slam sessions against networks, but large-volume attacks posted a 55% spike in the first quarter over the previous quarter, according to a report released today by Corero Network Security.


Don’t Like Mondays? Neither Do Attackers

Fahmida Y. Rashid, Csoonline.com, June 7, 2017

Monday may be our least favorite day of the week, but Thursday is when security professionals should watch out for cybercriminals, researchers say. Timing is everything. Attackers pay as close attention to when they send out their booby-trapped emails as they do in crafting how these emails look. Malicious email attachment message volumes spike more than 38 percent on Thursdays over the average weekday volume, Proofpoint said in its Human Factor Report, which analyzed malicious email traffic in 2016.


How End-User Devices Get Hacked: 8 Easy Ways

Kelly Sheridan, Darkreading.com, June 9, 2017

When it comes to scamming consumers and businesses, the most effective strategies aren’t necessarily the most complex. Hackers seeking funds, data, and access to corporate systems don’t need advanced techniques when tried-and-true tactics consistently work on their victims. There are two primary types of attacker motivations: opportunistic and targeted.


Bored Employees Seen as Biggest Potential Data Security Risk

Help Net Security Staff, Helpnetsecurity.com, June 8, 2017

Employees who become distracted at work are more likely to be the cause of human error and a potential security risk, according to a snapshot poll conducted by Centrify at Infosec Europe in London this week. Of the 165 respondents, more than a third (35%) cite distraction and boredom as the main cause of human error.
