Weekly InfoSec Roundup 12/15/17

As the new year approaches, many are reflecting on the news and events that received the most attention this year. 2017 was fraught with large-scale breaches and outdated or ill-planned cyber security policies. Here is a look at what was in the news this week.

 

  • WannaCry and NotPetya Had Little Impact on Security Spend

“Despite the huge impact WannaCry and NotPetya had on organizations, the two ransomware campaigns earlier this year did little to affect budgets or boardroom interest in security, according to a new study.”


 

  • Post-Breach Carnage: Worst Ways The Axe Fell in 2017

“Executive firings, stock drops, and class action settlements galore, this year was a study in real-world repercussions for cybersecurity lapses.”

 

  • Security in 2018: Automation, boardrooms and the Notifiable Data Breaches Act

“The security threats and breaches of 2017, from WannaCry to Petya, Equifax to DaFont, have set new records for personal data invasion and impacted hundreds of millions of people globally.”

 

  • What Lies Beneath – Avoiding the Unseen Dangers of OT Vulnerabilities

“A recent Accenture survey found that 76 percent of utility executives in North America believe the country faces a moderate risk of interruption to electricity due to a cyberattack. Process control networks (PCNs) in critical infrastructure sites − refineries, chemical plants, and manufacturing facilities − all have potential danger swimming just below the surface in the form of undiscovered vulnerabilities.”

 

 

  • Cybersecurity Incidents Hit 83% of U.S. Physicians: Survey

“A majority of physicians in the United States have experienced a cybersecurity incident, and many are very concerned about the potential impact of a cyberattack, according to a study conducted by professional services company Accenture and the American Medical Association (AMA).”

 

  • Adobe Patches ‘Business Logic Error’ in Flash Player

“The only security update released by Adobe this Patch Tuesday addresses a moderate severity regression issue affecting Flash Player.”

 

  • Microsoft fixes 33 bugs in December patch, mostly for IE and Edge

“Microsoft’s December patch update is relatively small judged by the number of vulnerabilities it fixes but there are a host of critical scripting engine flaws that affect Windows 10 Edge and Internet Explorer 11.”

 

 

  • Cyber Risk Management simplified: Your business is your kingdom

“One of the big misconceptions about cyber security is that organisations can maximise protection by focusing their attention—and investments—predominantly on protecting the headquarters environment and physical network. In today’s era of remote workers, mobility and workplace transformation, executives who embrace this centralised approach may be undermining or missing imminent risks at their network perimeters.”

 

  • Critical Flaws Found in Palo Alto Networks Security Platform

“Updates released by Palo Alto Networks for the company’s PAN-OS security platform patch critical and high severity vulnerabilities that can be exploited for remote code execution and command injection.”

 

 

  • TRITON Malware Used in Attacks Against Industrial Safety Equipment

“Security researchers from FireEye’s Mandiant investigative division have spotted a new form of malware that’s capable of targeting industrial equipment.”


 

 

  • Are You Complying with the Executive Order on Cybersecurity?

“In May 2017, the President issued an Executive Order on Cybersecurity. Among other requirements, the order holds agency heads accountable for appropriate cyber defenses.”

 

  • Is Your Security Workflow Backwards?

“The pace at which information security evolves means organizations must work smarter, not harder. Here’s how to stay ahead of the threats.”


 

  • Perceived Data Value Varies Wildly Across Industries, Countries

“When it comes to the value placed on critical data, there is major variance in perception across countries and industry sectors.”

© 2019 BRINQA | Legal | Terms