INFOSECURITY NEWSLETTER

May 31, 2017

5 Incident Response Practices that Keep Enterprises From Adapting to New Threats

Liz Maida, Helpsecurity.com, May 30, 2017

Security analysts within enterprises are living a nightmare that never ends. 24 hours a day, their organizations are being attacked by outside (and sometimes inside) perpetrators – hackers, hacktivists, competitors, disgruntled employees, etc. Attacks range in scope and sophistication, but are always there, haunting the security teams tasked with guarding against them.

Read More

Afraid to Report Insider Threats? Here’s How to Avoid the Fear Factor

Noah Powers, Deltarisk.com, May 24, 2017

Imagine the following scenario: you work with a colleague who everyone sees as a problem. This individual complains about the direction of the company, unfair treatment, and even vocalizes personal financial struggles. People have come to expect this kind of negative behavior from him. One day, though, you overhear this disruptive co-worker say something out of the ordinary, even for him. He’s discussing ways to copy and sell intellectual property to a competitor for a little extra money.

Read More

Think You Know Ransomware? Take a Cybersecurity Quiz

Courtney Linder, Post-gazette.com, May 25, 2017

Ten minutes, one hour, four hours, click. Postpone that annoying Windows update. Avoiding that dreaded dialogue box that pops up on the screen twice a day is a no-brainer for many American employees who don’t want to restart their computers and install a software patch. But in terms of cybersecurity , what seems like an immaterial decision can quickly become a pipeline for hackers and a major expense for companies.

Read More

When Technology Takes Hostages: The Rise of ‘Stalkerware’

Elle Armageddon, Motherboard.vice.com, May 25, 2017

We live in a Golden Age of technology, where apps have been developed to make almost everything convenient: from logistics for a night of Netflix and chill to complete access to someone else’s device. We are living in a time when nearly anything can be delivered to us on demand, whether it’s date night or domestic violence, everything is easier with a little help from modern technology. According to The Guardian, approximately 760 people—more than two per day—are killed by their partners in the US each year.

Read More

Malicious Movie Subtitles Can Give Hackers Full Control Over Your PC

Catalin Cimpanu, Bleedingcomputer.com, May 23, 2017

A vulnerability in how video players load and parse subtitle files allows an attacker to execute code on a target’s PC and effectively take over the device. This vulnerability came to light today after security researchers from Israeli cyber-security firm Check Point published partial findings. Researchers say that an attacker can craft malicious subtitle files that when loaded inside one of the many vulnerable media players, it executes code on the user’s device.

Read More

PHI Data Breach Leads to $387K OCR HIPAA Settlement

Health IT Security Staff, Healthitsecurity.com, May 24, 2017

St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) settled alleged HIPAA violations from a PHI data breach by paying $387,000 in an OCR HIPAA settlement. Formerly Spencer Cox Center for Health (the Spencer Cox Center), New York-based St. Luke’s specializes in services for individuals living with HIV or AIDS and other chronic diseases. OCR received a complaint in September 2014 that there had been a PHI data breach when St. Luke’s faxed an individual’s information to his employer.

Read More

People Can Be Strongest Link in Cyber Security, Says NCSC

Warwick Ashford, Computerweekly.com, May 26, 2017

People are often seen as the weakest link when it comes to cyber security, but that must change, says the National Cyber Security Centre. Information security has traditionally been led by technology and, as a result, the role and value of people has been overlooked. That is the view of Emma W, people-centred security team lead at the UK’s National Cyber Security Centre (NCSC).

Read More

New Awareness Study Reveals What You Need For the Best Security Programs

Jennifer Leggio, Zdnet.com, May 30, 2017

SANS Institute has released its 2017 Security Awareness Report, a community-driven study with more than 1,000 security awareness professionals across 58 contributing countries. Security awareness itself has become an increasingly relevant topic for both emerging and mature organizations, given that having a truly skilled professional in the role has become a “must have” versus optional.

Read More

8 Most Overlooked Security Threats

Kelly Sheridan, Darkreading.com, May 26, 2017

Malvertising has fallen off the radar over the last year or so, says Jerome Segura, lead malware intelligence analyst at Malwarebytes. It still remains a threat, but for a new pool of targets. Attackers previously targeted high-profile media sites with malware but learned those attacks generated a lot of attention, he explains. Now they’ve begun turning to smaller brand names with a lot of traffic but less visibility: foreign websites and file-sharing sites, for example.

Read More
financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

June 2018: 6th

May 2018: 2nd, 9th, 30th

April 2018: 4th, 11th, 18th, 25th

March 2018: 7th, 14th, 21st, 28st

February 2018: 7th, 14th, 21st, 28th

January 2018: 3rd, 10th, 17th, 24th, 31st

December 2017: 6th, 13th, 20th

November 2017: 1st, 15th, 29th

October 2017: 4th, 11th, 18th, 25th

September 2017: 6th, 13th, 20th, 27th

August 2017: 2nd, 9th, 16th, 23rd, 30th

July 2017: 5th, 12th, 19th, 26th

June 2017: 7th, 14th, 21st, 28th

May 2017: 3rd, 10th, 17th, 24th, 31st

April 2017: 5th, 12th, 19th, 26th

March 2017: 1st, 8th, 15th, 22nd, 29th

February 2017: 1st, 8th, 13th, 22nd

January 2017: 4th, 11th, 18th, 24th

December 2016: 7th, 14th, 21st, 28th


top cyber incident pain points