Weekly News Roundup January 11-15, 2021
Posted on Jan 15, 2021by Kacy Zurkus Hello, readers! Once again, the massive SolarWinds hack is monopolizing headlines, with Forbes Business reporting on January 14 that CrowdStrike, a cybersecurity firm investigating the SolarWinds attack, identified a third malware strain, dubbed SUNSPOT, that is believed to be involved in the hack. As more evidence ... Read More
Weekly News Roundup January 4-8, 2021
Posted on Jan 8, 2021by Kacy Zurkus A new year holds such promise, and despite 2021 being off to an unprecedented start, we have much to look forward to as an industry. RSA Conference is kicking off the year with our inaugural RSAC 365 Virtual Summit on January 27, and ... Read More
5 Things to Try in Your Awareness Program in 2021
Posted on Jan 4, 2021by Tom Pendergast Do you know what really kills a security or privacy awareness program? Boredom. Boredom erodes employee engagement, as people tune out the same old training or the same old messages year after year. And boredom erodes your own interest in your work, ... Read More
Ben’s Book of the Month: Review of “Tribe of Hackers Blue Team: Tribal Knowledge from the Best in Defensive Cybersecurity”
Posted on Dec 31, 2020by Ben Rothke There are 12 primary colors on the color wheel. They already covered red, and now authors Marcus J. Carey and Jennifer Jin are back with Tribe of Hackers Blue Team: Tribal Knowledge from the Best in Defensive Cybersecurity (Wiley). Good news is that there are many ... Read More
Domain Attack Surfaces: What Are They? How Big Are They?
Posted on Dec 23, 2020by Jonathan Zhang Understanding attack surfaces is a pivotal cybersecurity activity—and reasonably so. In 2019, a sample of 115 organizations revealed a total of 123,454 vulnerabilities, with 91% rated “medium” to “critical.” What’s more, it takes an average of 121 days for large organizations to discover ... Read More
Book review: You CAN Stop Stupid: Stopping Losses from Accidental and Malicious Actions
Posted on Dec 23, 2020by Ben Rothke In the movie Forrest Gump, Tom Hanks gets asked many times if he is stupid. The character Forrest Gump replies with a line that is now part of the American lexicon: “stupid is as stupid does.” The meaning of the term is that an ... Read More
Ransomware Risks in 2020: Double Extortion and Third-Party Targeting
Posted on Dec 21, 2020by David Hétu This year has brought not only a pandemic but also a global remote workforce which requires access to sensitive data and enterprise networks. As a result, the industry has noticed a shift from ransom to double extortion. In this situation, ransomware first engages ... Read More
Holiday Fraud and Popular Schemes
Posted on Dec 18, 2020by Roderick Chambers “Don’t take any wooden nickels!”—a lighthearted reminder to be cautious and not get scammed. Fraud is a prevalent issue, especially in the retail, travel, and hospitality industries. LexisNexis® conducted a retail and e-commerce survey with risk and fraud executives in the United States ... Read More
Weekly News Roundup December 14-18, 2020
Posted on Dec 18, 2020by Kacy Zurkus Happy holidays, dear readers! This is my final news roundup of 2020. Suffice to say, this year is going out with a bang! I don’t think anyone is sad to bid farewell to this truly unprecedented year. Given the year we’ve had, it’s ... Read More
Hackers and Cyberthreats Are Relentless
Posted on Dec 17, 2020by Robert Ackerman Jr. As 2020 draws to a close, another flurry of significant cyber-breaches added to the bad news that swept through a particularly grim year. Early this month, for example, we learned that FireEye – one of the world’s largest cybersecurity firms –was the ... Read More
