As usual, infosec news was eventful this week. It doesn't seem like we can go a week without the exposure of another breach or large scale vulnerability popping up. One of our favorite articles noted that "Every minute, nearly 5,000 data records are lost or stolen somewhere around the globe: that’s more than 7.1 million a day." with these stats increasing yearly it's important to stay up to date and take a risk-centric approach to your cybersecurity.
Vulnerabilities Found in Linux 'Beep' Tool
"Several vulnerabilities have been found in the Linux command line tool Beep, including a potentially serious issue introduced by a patch for a privilege escalation flaw".
Flaw exposes cities' emergency alert sirens to hackers
“A vulnerability in a popular emergency alert system, widely used across towns and cities, exposes sirens to hijack, allowing hackers to trigger false alarms".
2.6 Billion-Plus Data Records Breached Last Year
"Every minute, nearly 5,000 data records are lost or stolen somewhere around the globe: that’s more than 7.1 million a day".
Uber Agrees to New FTC Settlement Over 2016 Breach Disclosure
“Uber has agreed to an updated settlement with the FTC after news of its massive 2016 data breach.”
Why Mass Transit Could Be the Next Big Target for Cyber Attacks—and What to do About it
“The constantly evolving tools and methods of cyber attackers has resulted in specific industries becoming the unfortunate subjects of sudden upswings in incident volume and severity.”
Securing Critical Infrastructure in the Wake of Unprecedented Cyber Threats
"Last year saw a worrying trend in the cybersecurity attack arena as critical infrastructure came under fire, with many suggesting in 2018 these attacks could escalate.
Unpatched Vulnerabilities the Source of Most Data Breaches
“Nearly 60% of organizations that suffered a data breach in the past two years cite as the culprit a known vulnerability for which they had not yet patched.”
Brinqa at InfoSec SouthWest - Austin, TXBrinqa had a great time InfoSec Southwest talking with our local Austin, TX community
The remediation gap is real.
You have completed your network and application scans to identify the vulnerabilities in your technology infrastructure. Now begins the long journey from a vulnerability being identified and reported, to appropriate actions being taken to address the problem. This ‘Remediation Gap’ is the window of opportunity for attackers to exploit a weakness. According to research, vulnerabilities typically spend hundreds of days in this limbo, leaving organizations exposed to attacks. Fortunately, there are concrete steps that you can take to combat this problem.
Join us for this webinar as we discuss 7 practical strategies designed to reduce the remediation gap while improving effectiveness, efficiency, and consistency, including how to
- Ensure that remediation efforts prioritize the most critical problems
- Improve remediation coverage while reducing overhead
- Leverage existing ITSM systems and processes
- Automate significant parts of the process