Search
Close this search box.

Global Cyber News Digest

Events

Cyber Insider Podcast

Press Room

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • State announces COVID-related data breach

    • The Division of Public Health announced a data breach Sunday affecting approximately 10,000 people, although the agency noted there is no evidence of any attempt to misuse any of the information.
    • According to DPH, a temporary agency staffer accidentally sent unencrypted emails containing COVID-19 test results for around 10,000 Delawareans on Aug. 13 and Aug. 20 to an unauthorized user. The Aug. 13 email included test results for individuals tested between July 16 and Aug. 10, while the Aug. 20 email had results for people tested on Aug. 15.
    • The emails, meant for distribution to call center staff who assist individuals in obtaining their test results, were sent to a single unauthorized user by mistake.
    - Matt Bittle | November 15, 2020
    hak-iq.us20.list-manage.comNovember 15, 2020

  • Learning from data breaches: The importance of the fundamentals

    • “It’s all too easy to get caught up in the headlining data breaches that we’re seeing so frequently today and to think “we’re not that dumb””
    • Criminals are lazy. They won’t fight tooth and nail to get into a target if they can sneak in elsewhere, and oftentimes, the job is actually made quite easy for them.
    • Whether it’s ransomware, malware, SQL injection or even phishing, it seems as though we’re reading about brand new breaches every few days.
    • Protecting modern IT systems is surprisingly easy.
      • First, it all starts with an attitude to not be apathetic about security, to not assume that “everything will be ok” when using default settings for software and hardware.
      • Second, it is important to discard the obsolete notions that the default behavior of security systems is to trust everybody.
    - Kevin Kline | November 13, 2020
    hak-iq.us20.list-manage.comNovember 13, 2020

  • Data Breach Hits 30 Million Texan Drivers

    • Vertafore claimed in a notification this week that, due to human error, three files were stored in an unsecured third-party service which was subsequently accessed without authorization.
    • The firm was unable to say exactly when this happened — only that it occurred at some point between March 11 and August 1. Having detected the incident in mid-August, it’s unclear why it then took the firm three months to notify those affected.
    • “The files, which included driver information for licenses issued before February 2019, contained Texas driver license numbers, as well as names, dates of birth, addresses and vehicle registration histories..."
    • The firm said in its FAQs that “we are not aware of any way this information could be used to commit fraud.
    - Phil Muncaster | November 13, 2020
    hak-iq.us20.list-manage.comNovember 13, 2020

  • Almost Four-In-Ten Data Breaches Are Caused By Stressed, Tired Employees

    • With remote workers facing distractions from childcare to delivery drivers ringing the doorbell, employees are likely to make simple mistakes such as sending an email to the wrong person, possibly exposing sensitive data.
    • Due to the pandemic, 93% of businesses have reported an increase in outbound emails, with one-in-two IT leaders reporting an increase of over 50%.
    • Data breaches as a result of outbound email are often overlooked and underreported, meaning businesses and people aren’t aware of the true scale of the problem. In fact, the ICO recently reported misdirected emails are the #1 cause of categorised incidents reported, and responsible for 44% more incidents than phishing attacks.
    news
    hak-iq.us20.list-manage.comNovember 12, 2020

  • DATA BREACH POTENTIALLY EXPOSES DETAILS OF MILLIONS OF BOOKING.COM AND EXPEDIA CUSTOMERS

    • The breach was uncovered by Website Planet, which found that Prestige Software, a company responsible for a hotel reservation system used by booking.com and Expedia, had been storing years’ worth of credit card data from hotel guests and travel agents without any protection in place.
    • Extremely sensitive data from as far back as 2013 was being incorrectly stored, with details including credit card and CVV numbers, full names, addresses and ID numbers of guests and comprehensive details about customers’ reservations all unprotected.
    • Other companies that use Cloud Hospitality and whose customers may have been at risk include Agoda, Amadeus, Hotels.com, Hotelbeds, Omnibees and Sabre.
    - Helen Coffey | November 11, 2020
    hak-iq.us20.list-manage.comNovember 11, 2020

  • Veterans Day Facts

    • Veterans Day occurs on November 11 every year in the United States in honor of the “eleventh hour of the eleventh day of the eleventh month" of 1918 that signaled the end of World War I, known as Armistice Day.
    • In 1954, President Dwight D. Eisenhower officially changed the name of the holiday from Armistice Day to Veterans Day.
    • In Europe, Great Britain and the Commonwealth countries it is common to observe two minutes of silence at 11 a.m. every November 11.
    • 18.2 million living veterans served during at least one war as of 2018.
    • 9 percent of veterans are women.
    • 7 million veterans served during the Vietnam War.
    • 3 million veterans have served in support of the War on Terrorism.
    • Of the 16 million Americans who served during World War II, about 325,000 were still alive as of 2020.
    • 2 million veterans served during the Korean War.
    • As of 2019, the top three states with the highest percentage of Veterans were Virginia, Wyoming, and Alaska.
    HISTORY
    hak-iq.us20.list-manage.comNovember 11, 2020

  • Breaking down a four-step process to email security

    • Users working on any email platform must communicate effectively and securely while helping their organization fight against phishing, account takeovers, data breaches, and business email compromises. Companies can do this by creating a multi-layered approach to security that everyone understands and knows like a second language.
    • What makes an email security product effective? It revolves arounds four fundamental tenets: analyze, detect, protect, and respond.
    • The ability to analyze, detect, protect and respond at the moment of risk helps security teams follow a fact-based approach to email security.
    - Kevin O'Brien | November 9, 2020
    hak-iq.us20.list-manage.comNovember 9, 2020
  • 5 Reasons Why Web Security Is Important to Avoid Ransomware
    1. Ransomware Is a Result of Attack Escalation
    2. Web Attacks Are Used to Spread Ransomware
    3. Move to Cloud Means that More Criminals Aim for the Cloud
    4. Organizations Do Not Report Attack Details
    5. Media Focuses on the Problem, Not the Solution
    - Tomasz Andrzej Nidecki | November 9, 2020    hak-iq.us20.list-manage.comNovember 9, 2020

  • Cyber threat: Avoiding the phishing net

    • According to Verizon’s 2018 Data Breach Investigations Report, email is the number one vector used for 92.5% of malware distribution and 96% of phishing attacks.
    • Ever since the occurrence of the Covid-19, cybercriminals have been launching phishing email attacks to exploit the pandemic fear for their malicious gain. Within the span of the first four months of 2020, 18 million Covid-19 phishing emails were blocked by Gmail every day. In addition to that, in one week, 240 million Covid-19 spam emails were blocked on a daily basis.
    • According to a Threat Report, around 1.5 million new phishing websites are created every month.
    • Secure outbound mail flow with email authentication protocols like DMARC, SPF and DKIM. It further protects the email domain against spoofing and other email-based attacks.
    - Pavan Kushwaha | November 9, 2020
    hak-iq.us20.list-manage.comNovember 9, 2020

  • Case for Identity and Access Management

    • On average, five hours every week was spent just managing user passwords, a 25 per cent increase from the results gathered in a similar survey in 2019.
    • Not surprisingly many respondents (45 per cent) expressed frustration at the time spent managing passwords. Of greater concern, however, was users forgetting their passwords and using the same password across multiple applications.
    • Many businesses use Microsoft Active Directory (AD) to manage their users. It is the single source of truth about who works at a company, the things they need to access and their permission levels.
    • Many people use the same password for multiple online services. If one of these is compromised the hackers gain access to, potentially, millions of email address and password combinations that they can use try and gain access to other services, including corporate resources.
    • This article appears to be an advertisement for LastPass. My goal was/is to get us thinking about IAM, not necessarily LastPass.
    - Tony Kirkby | November 9, 2020
    hak-iq.us20.list-manage.comNovember 9, 2020

451 A Street, Suite 500
San Diego, CA 92101

[email protected]

CONNECT WITH US

Linkedin Twitter

Cyber Center of Excellence is a San Diego-based nonprofit dedicated to growing the regional cyber economy and creating a more secure digital community for all.

JOIN US
Linkedin Twitter
Cyber Center of Excellence | Privacy Policy  |  Terms & Conditions
Linkedin Twitter
Privacy Policy  |  Terms & Conditions
© 2024 Cyber Center of Excellence