With #RSAC18 coming to a close we wanted to recap what you might have missed this week while attending. Odd-Job Marketplace, TaskRabbit, took their entire site offline after a security incident. Rather than waiting for the problem to worsen, they chose to take their site offline and require users to change their passwords. While it was found in a recently released report that Federal Agencies are hit with more data breaches than other sectors. Lastly, Oracle released a massive CPU update with 245 new security fixes.
Three Things that Need to Change in Cyber Security
“ Hardly a week goes by where there isn’t coverage of a major security breach in the media. Organisations are spending more and more money on cyber security preventive measures yet the breaches seem to keep increasing. I am often asked “what are the top things that need to change to stem this flow?”.”
Federal Agencies Hit With More Data Breaches Than Other Sectors - 330 Million at Risk
“According to Thales e-Security's 2018 Data Threat Report—Federal Government Edition, US federal agencies are experiencing more data breaches than other sectors. The report reveals that 71% of IT security professionals in US federal agencies disclosed that at least one breach had occurred at their respective agencies.”
TaskRabbit Takes Site Offline After Security Incident
“Odd-job marketplace TaskRabbit has taken its website offline and urged users to change any online passwords reused on the platform after a suspected breach.”
Oracle Patches 254 Flaws With April 2018 Update
“Oracle’s Critical Patch Update (CPU) for April 2018 contains 254 new security fixes, 153 of which address vulnerabilities in business-critical applications.”
Tackle Five Top Security Operations Challenges With Threat Intelligence
“The Industry Needs a Common Understanding of How to Best Put Threat Intelligence Into Practice “Knowledge is of no value unless you put it into practice.” When Russian author Anton Chekhov said this more than a century ago, he very well could have been speaking of threat intelligence.”
LinkedIn Vulnerability Allowed User Data Harvesting
“LinkedIn recently patched a vulnerability that could have been exploited by malicious websites to harvest data from users’ profiles, including private information.”
Google's Project Zero exposes unpatched Windows 10 lockdown bypass
“Google's Project Zero researchers have published details and a proof-of-concept code for a method to bypass a Windows 10 security feature."
Brinqa is excited to be an inaugural member of the Recorded Future Connect Xchange. A great initiative for much needed collaboration between modern cybersecurity technologies. #RSAC18
The remediation gap is real.
You have completed your network and application scans to identify the vulnerabilities in your technology infrastructure. Now begins the long journey from a vulnerability being identified and reported, to appropriate actions being taken to address the problem. This ‘Remediation Gap’ is the window of opportunity for attackers to exploit a weakness. According to research, vulnerabilities typically spend hundreds of days in this limbo, leaving organizations exposed to attacks. Fortunately, there are concrete steps that you can take to combat this problem.
Join us for this webinar as we discuss 7 practical strategies designed to reduce the remediation gap while improving effectiveness, efficiency, and consistency, including how to
- Ensure that remediation efforts prioritize the most critical problems
- Improve remediation coverage while reducing overhead
- Leverage existing ITSM systems and processes
- Automate significant parts of the process