Omnistruct Webinar: Staying In Business After Hackers Succeed

Date: Nov 19, 2020 at 01:00 PM in Pacific Time (US and Canada)

Speaker: George Usi

Get Social With Us!

Business Information Security News of the Week, November 13, 2020

Top Stories for this Week

Omnistruct Webinar: Staying In Business After Hackers Succeed

My Business Was Hacked. Now What? Coming in hot is our upcoming webinar where we're talking with George Usi of Omnistruct about "Staying In Business After Hackers Succeed". Learn how to be prepared for when you must recover your business after being hacked! Join us on Thursday, Nov 19, 1-2 PM PDT.

California passes Proposition 24

California just passed a major privacy law that will make it harder for Facebook and Google to track people and gather data

Microsoft urges users to stop using phone-based multi-factor authentication

Microsoft recommends using app-based authenticators and security keys instead

New Known Breaches in the Past Week

This Week in Breach News:

This week: Capcom discovers ransomware isn’t a game, Magecart hackers strike gold from JM Bullion, healthcare cyberattack warnings come to fruition, and we’ve put together a Dark Web crash course for you! 

FBI: Hackers stole source code from US government agencies and private companies

The Federal Bureau of Investigation has sent out a security alert warning that threat actors are abusing misconfigured SonarQube applications to access and steal source code repositories from US government agencies and private businesses. By Catalin Cimpanu I November 07, 2020

Luxottica data breach exposes LensCrafters, EyeMed patient info

A Luxottica data breach has exposed the personal and protected health information for patients of LensCrafters, Target Optical, EyeMed, and other eye care practices. By Lawrence Abrams I November 7, 2020

Data breach at Mashable leaks users’ personal information online

Technology and culture news website Mashable has announced that the personal data of users has been discovered in a leaked database posted on the internet. By Jessica Haworth I November 09, 2020

Data breach at Sandicliffe could affect “thousands” of customers

A legal firm claims that a data breach at Sandicliffe Motor Group could affect “thousands” of staff and customers. By Fleet Industry News I November 11, 2020

General Cybersecurity News

Changing Cybersecurity Culture One Habit at A Time

By George Finney, Chief Security Officer for Southern Methodist University and Author of Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future. By News Team I November 8, 2020

Can your kids be a cybersecurity risk at home?

This brings an increased perimeter of attack threats in several directions. Now is the time to improve online home security practices and ensure that cybercriminals do not compromise our activities. Next, check out some common scenarios in the home office, including the fact that children may be endangering devices. By Leonard Manson I November 8, 2020

Finding the Needle in the Haystack: Accelerating Threat Remediation with AI

Elon Musk’s prediction that AI will outsmart humans in less than 5 years is a bold statement, predicting that machines will possess super-human qualities which help boost organizations’ profits and goals. For many, these ideas belong in sci-fi fantasies rather than as a future fixture of working practices. By Shutterstock I November 09, 2020

Check Point Software Launches Industry’s First Cyber Security Platform with Autonomous Threat Prevention

Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has introduced its next-generation unified cyber security platform, Check Point R81. The new platform is the industry’s first to deliver autonomous threat prevention designed for the entire distributed enterprise, enabling IT staff to manage the most complex and dynamic network environments easily and efficiently. By Check Point Software Technologies Ltd. I November 09, 2020

CyberSeek™ Helps Organizations Address Growing Cybersecurity Staffing Challenges

New data from CyberSeek™, America’s top free resource on the U.S. cybersecurity job market, shows that the shortage of cyber professionals is approaching a danger level, putting digital privacy and infrastructure at greater risk. By Burning Glass Technologies | November 09, 2020

Small Business Cybersecurity Concerns

Ready or Not…Government Contractor Cybersecurity Requirements Roll Out This Month

New Department of Defense (DoD) regulations related to government contractor Cybersecurity requirements become effective November 30, 2020. By McGuireWoods LLP I November 09, 2020

" President-Elect Joe Biden: Small Business Priorities, Technology Industry Reactions"

Cybersecurity: President-elect Joe Biden’s approach to cybersecurity appears likely to mirror that of his old boss, former President Barack Obama. Expect Biden’s White House to increase pressure on Russia, practice greater involvement in cybersecurity, and foster high levels of coordination around all things cyber. By Bank Info Security I November 9, 2020.

Small businesses need continued cybersecurity assistance through pandemic, officials say

Cities struggling to recover from the devastating economic impact of the coronavirus pandemic need to prioritize the cybersecurity of their small- and medium-sized business communities, a panel of cybersecurity officials and experts said during a webinar Tuesday. By Ryan Johnston I November 10, 2020

Catch Of The Week: FBI Warns Of Ransomware Targeting Healthcare

With the healthcare system already strained by the pandemic, cyber-criminals are targeting the healthcare sector. This week the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the FBI issued a joint advisory warning of “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” By Becky Rutherford I November 07, 2020

MSP News

Data Center Managed Services Market To Observe Exponential Growth By 2020-2027|Dell, NTT Data, ATOS SE, ZTE, IBM, Wipro, TCS, Ericsson

Data center managed services provider is a new business model that takes an enterprise-wide, strategic method to IT management. Data center led services to include several stakeholders, such as system integrators, service providers, consulting firms, technology partners, research organizations, resellers and distributors, technology providers, and enterprise users. The data center managed service market is expected to grow significantly due to the wide adoption of managed facilities by organizations across several verticals. By: Mayur I November 09, 2020

Cyber Consulting Firms Get Tied Up in Post-Breach Lawsuits

Cybersecurity consultants could be on the hook for data breaches at companies they contract with after two recent court rulings in consumer class actions. By Bloomberg Law I November 10, 2020

Cyber Insurance News

Global Insurance Pricing Jumps in Third Quarter

Global commercial insurance prices increased 20%, on average, in the third quarter of 2020 as the market continued to firm. It was the twelfth consecutive quarter of increases in the Marsh Global Insurance Market Index, and the largest increase observed since the index’s inception in 2012. By Lucy Clarke I November 09, 2020

The Double-Edged Sword of Cybersecurity Insurance

Cybersecurity insurance is no longer a luxury. As attacks have accelerated — and become more costly — the idea of hedging against a breach has gone mainstream. The global cyber-insurance market now stands at $7.8 billion, but it's projected to reach $20.4 billion by 2025, according to an October 2020 report from ResearchAndMarkets. By Samuel Greengard I November 10, 2020

CVE Announcements This Week

Apple closes zero-day attack hole on iPhones that was being exploited

The last time Apple updated iOS 12 was mid-July 2020, back then there were no known security holes - the update just sought to fix the worst bugs so that Apple's developers could stop maintaining the version. However, on 7 November there was a new version of iOS 12 that snuck out alongside updates for macOS Catalina, iOS 14 and tvOS 14. By Halyna Kubiv I November 09, 2020

Impact Of US-China Technationalism On ASEAN – Analysis

Geostrategic tensions, global mistrust and the dark side of the digital world are significant threats that could fracture the world, according to the United Nations (UN) Secretary-General during the UN General Assembly in September 2020. These threats stem from the strategic competition between the United States (US) and China, which risks fueling a new Cold War that could ‘split the globe’. By Muhammad Faizal and Dymples Leong I November 09, 2020

Fake Microsoft Teams updates lead to Cobalt Strike deployment

Ransomware operators are using malicious fake ads for Microsoft Teams updates to infect systems with backdoors that deployed Cobalt Strike to compromise the rest of the network. By Ionut Ilascu I November 9, 2020

SwRI hacks electric vehicle charging to demonstrate cybersecurity vulnerabilities

Engineers at Southwest Research Institute were able to interfere with the charging process of an electric vehicle (EV) by simulating a malicious attack as part of an automotive cybersecurity research initiative. By EurekAlert I November 09, 2020

Regulations, Frameworks, and Controls

New Government Contractor Cybersecurity Requirements Loom

A new cybersecurity rule will go into effect for DoD contractors at the end of the month to enhance the protection of unclassified information within the supply chain. By Chris Brook I November 10, 2020

Top Risk Factors Associated With Modern Cloud Security Frameworks

Modern Cloud security trends reveal a serious gap between current IT security postures and cyber threat assessment across various organizations. The lack of enough security staff, IT risk auditors, and the rapid migration to Cloud Computing platforms have put immense pressure on existing Cloud Security frameworks. By AIT Staff Writer I Nov 10, 2020

Palo Alto Networks Fights Data Breaches With DLP

Palo Alto Networks added cloud-delivered data loss prevention (DLP) to its security lineup. The aptly named Enterprise DLP centralizes data protection policies and automatically applies them across networks, cloud services and infrastructure, and users. By Jessica Lyons Hardcastle I November 10, 2020

MOST COMMON CYBERSECURITY THREATS AND SOLUTIONS

Cybersecurity is one of the most important parts of today’s life. Almost all of us have different problems nowadays regarding Cyber Security. The scams online have also been increased in the last few years. Many people have faced bankruptcy in the last few years. Hence, it has become a serious concern for the people of today’s world. By Mustafa Butt | Nov 9, 2020

Ready or Not…Government Contractor Cybersecurity Requirements Roll Out This Month

New Department of Defense (DoD) regulations related to government contractor Cybersecurity requirements become effective November 30, 2020. By McGuireWoods LLP I November 09, 2020