5G Security in the Balance as Britain Navigates Brexit

Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime PM Boris Johnson: US ‘Must Tell Us What’s the Alternative’ to Chinese-Made Gear Mathew J. Schwartz (euroinfosec) • January 15, 2020     British Prime Minister Boris Johnson speaks to BBC Breakfast on Tuesday. Britain continues to collectively debate its existential future, including the meaning and timing of its so-called “Brexit” from the European Union. The British government’s…

January 15, 2020
Read More >>

‘Wartime’ Security Mentality Revisited

Five years ago, cybersecurity executive Dave Merkel called upon enterprises to shed their “peacetime” mindsets and adopt a “wartime” stance against persistent cybercriminals and nation-state actors. How have they risen to that challenge? Merkel was CTO of cybsecurity vendor FireEye at the time of that interview (see: Advanced Threats: Prepare for War). Today, as co-founder and CEO of managed security service provider Expel, he revisits this conversation about adopting the…

January 15, 2020
Read More >>

Equifax Settles Mega-Breach Lawsuit for $1.38 Billion

Federal Judge Gives Final Approval to Class-Action Settlement Over 2017 Breach Jeremy Kirk (jeremy_kirk) • January 15, 2020     A federal judge in Atlanta has given final approval to a settlement that resolves a class-action lawsuit against credit bureau Equifax, which in 2017 suffered one of the largest data breaches in history. See Also: Key Trends in Payments Intelligence: Machine Learning for Fraud Prevention The final approval order The…

January 15, 2020
Read More >>

NSA Uncovers ‘Severe’ Microsoft Windows Vulnerability

Microsoft Provides Patch for Cryptographic Flaw in Windows 10 Scott Ferguson (@Ferguson_Writes) • January 14, 2020     Watch for updates on this developing story. See Also: Webinar | The Future of Adaptive Authentication in Financial Services The U.S. National Security Agency took the unusual step Tuesday of announcing what it calls a “severe” vulnerability in Microsoft’s Windows 10 operating system ahead of Microsoft’s Patch Tuesday security update. The flaw…

January 15, 2020
Read More >>

Report: Russian Hackers Targeted Ukrainian Gas Firm Burisma

Employees Targeted With Phishing Campaign, Area 1 Security Researchers Say Ishita Palli • January 14, 2020     Hackers with ties to the Russian government have been targeting Ukrainian natural gas company Burisma with a series of phishing attacks designed to steal employee credentials, according to researchers at Area 1 Security. The company first shared its findings with the New York Times. See Also: Key Trends in Payments Intelligence: Machine…

January 14, 2020
Read More >>

Attorney General Presses Apple to Unlock Shooter’s iPhones

Encryption & Key Management , Endpoint Security , Governance William Barr Labels Pensacola Attack as an Act of Terrorism Akshaya Asokan (asokan_akshaya) • January 14, 2020     Attorney General William Barr U.S. Attorney General William Barr is ratcheting up the pressure on Apple to unlock two iPhones belonging to a Saudi national who killed three at a military based in Pensacola, Florida, in December. In comments on Monday, the…

January 14, 2020
Read More >>

Baby’s First Data Breach: App Exposes Baby Photos, Videos

Breach Notification , Encryption & Key Management , Endpoint Security Peekaboo Moments Hasn’t Responded to Warning That It’s Exposing Personal Content Jeremy Kirk (jeremy_kirk) • January 14, 2020     Source: Peekaboo Moments Picture this: A short video features a bundled baby, snoring gently, who flashes a couple of involuntary, sleepy smiles as someone sings a lullaby. See Also: Webinar | The Future of Adaptive Authentication in Financial Services Unfortunately,…

January 14, 2020
Read More >>

Why Penetration Tests Are So Essential

Cybercrime , Fraud Management & Cybercrime , Governance Avoiding the Massive Potential Costs of a Data Breach Steve King (@sking1145) • January 13, 2020     Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. See Also: Live Webinar | Empowering Your Human Firewall: The Art and…

January 14, 2020
Read More >>

Class Action Breach Lawsuits: The Impact of Data for Sale

After a data breach, if individuals’ stolen information is offered for sale on the dark web, that potentially bolsters class action lawsuits filed by plaintiffs against the breached organization, says technology attorney Steven Teppler of the law firm Mandelbaum Salsburg P.C. Data offered for sale “actually shows that someone is attempting to monetize the victims’ information,” he says in an interview with Information Security Media Group. “And the likelihood of…

January 13, 2020
Read More >>

Albany Airport Pays Off Sodinokibi Ransomware Gang: Report

Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance Same Crypto-Locking Malware Recently Crippled Currency Exchange Firm Telenex Akshaya Asokan (asokan_akshaya) • January 13, 2020     Photo: Wikicommons Officials at the Albany (New York) International Airport paid a ransom to cybercriminals after the facility’s systems were hit with the Sodiniokibi ransomware strain on Christmas, the Albany Times Union reports. See Also: Webinar | Beyond Managed…

January 13, 2020
Read More >>