Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • 5 Cyber Security Risks and Issues You'd Be a Fool to Ignore

    • Every single day, over 350,000 pieces of new malware are detected. Competing with this is difficult but staying on top of cyber security risks is vital for your business.
    • A data breach can cost a fortune and if you are attacked, you could lose days, weeks, or even months of work. Could your business survive this?
    - Saul Rozen | August 31, 2020
  • (hak-iq.us20.list-manage.com)
  • Secure your website with SSL

    • Much like a human being, a website has its own unique identity. However, this identity can be cloned by cybercriminals if not properly secured.
    • Businesses can reduce the risks of data breach by purchasing Secure Sockets Layers (SSL) Certificates for their websites.
    • By doing so, businesses are able to protect both the company data and that of their customers from being duplicated by cyber criminals.
    | August 31, 2020
  • (hak-iq.us20.list-manage.com)
  • Ransomware During COVID-19

    • Ransomware made global news headlines this week when a major ransomware attack was thwarted against Tesla.
    • In total, the average ransomware payment for the second quarter of 2020 was $178,254, a 60 percent increase from the first quarter. The rise coincided with the arrival of “big game hunting.” Previously, ransomware attacks were dominated by spray-and-pray attacks, which were more opportunistic in nature.
    government technology - Dan Lohrmann | August 30, 2020
  • (hak-iq.us20.list-manage.com)
  • ANALYSIS | THE CIA WILL NOT KEEP US SAFE ONLINE

    • Within the cybersecurity world, one of the well-established models for understanding security goals is the CIA triad, which stands for Confidentiality, Integrity, and Availability.
    • This model has been used more broadly beyond information security, for formulating information systems and network security goals.
    • The confidentiality goal means that data should only be accessed by people who have permission.
    • Therefore, any access to data by people who are not authorized, compromises data confidentiality – this includes incidents such as data leakages and breaches.
    MACAU DAILY TIMES | August 28, 2020
  • (hak-iq.us20.list-manage.com)
  • Today’s Jesse James: 21st Century Bank Heists

    • Banking in the 21st century no longer revolves around visiting your local branch. Doing business with a bank is now mostly online, global and 24/7. It makes sense that financial crime has also evolved alongside its target.
    • The modern-day Jesse James has traded in his pistol for expertise in coding.
    • Banks are up against the world’s best hackers, organized crime syndicates and highly motivated rogue nation-states looking for new ways to take on their enemies.
    - Marc Wilczek | August 27, 2020
  • (hak-iq.us20.list-manage.com)
  • Uber CSO’s Hack Cover-Up Shows Breach Discoveries Can Lead to Tough Action

    • Former Uber CSO Joseph Sullivan has been formally charged by the U.S. Department of Justice for his alleged role in funneling $100,000 to hackers to cover up the 2016 data breach.
    • The incident shows how security breaches can get companies sued and why security leaders should do more to protect sensitive data, and bring greater accountability into the breach mitigation process.
    • The investigation revealed that Uber shelled out $100,000 worth Bitcoin to the attackers to delete the data and buy their silence.
    • The company paid off the attackers with hush money under their bug bounty program.
    - Sumeet Wadhwani | August 27, 2020
  • (hak-iq.us20.list-manage.com)
  • Blaming the CISO for a Cybersecurity Breach

    • Recent high-profile data breaches have opened a lot of people’s eyes to the reality of how severe the impact of cyberattacks can be and has raised important concerns for many businesses: if it happens in my organization, who exactly is to blame?
    • CISOs don’t have the unilateral authority for decisions outside of the infosec department and if a potential risk is found due to activity in another area of the business, they can only advise on the proper course of action.
    • After that, it is up to the leadership and if they decide to not follow through with the CISO’s recommendation, then it’s out of the CISO’s hands.
    - RUCHIKA MISHRA | August 26, 2020
  • (hak-iq.us20.list-manage.com)
  • Why Higher Ed Should Prepare for Uncommon Malware Attacks

    • With most colleges and universities opting for online instruction models such as blended learning, hackers see more opportunities to attack.
    • Colleges and universities remain popular targets for malicious actors. Whether this means facing common threats such as ransomware, COVID-19-themed phishing attacks or less common image exploits, post-secondary schools must prioritize a big-picture approach that delivers both solid behavioral education and sophisticated network protections.
    - Doug Bonderud | August 26, 2020
  • (hak-iq.us20.list-manage.com)
  • FBI Investigates COVID-19 Patient Data Breach

    • The FBI is investigating a data breach that exposed the personal information of South Dakota residents who had contracted COVID-19. 
    • The data breach took place in June when a database shared between the Department of Health and law enforcement agencies was exposed by a third-party vendor.
    • Information stored in the database was used to establish an online portal designed to reduce the chances of law enforcement officers and medics' catching the novel coronavirus in the course of performing their duties.
    - Sarah Coble | August 25, 2020
  • (hak-iq.us20.list-manage.com)
  • The Dangers of Data Scraping: Do You Know What’s Out There?

    • Data scraping refers to a computer program or bot that extracts human-readable data from another program, site, or platform.
    • Data scraping can open the door to spear phishing attacks; hackers can learn the names of superiors, ongoing projects, trusted third parties, etc.
    • Essentially, everything a hacker could need to craft their message to make it plausible and provoke the correct (rash and ill-informed) response in their victims.
    - Ben Canner | August 24, 2020
  • (hak-iq.us20.list-manage.com)