Global Cyber News Digest

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • Stolen Data: The Gift That Keeps on Giving

    • We have all received at least one email disclosing to us that the personal information we provided to an organization was leaked or stolen.
    • Considering the amount of publicity these incidents receive, does the data from well-known mega-breaches have any value within the underground economy, and do end users continue to be affected today? Many people may be surprised by the answer...
    - Christian Lees | August 19, 2020
    hak-iq.us20.list-manage.comAugust 19, 2020
  • Two-fifths of firms have sacked staff for cybersecurity breaches during Covid, poll shows

    • Almost two-fifths of business decision-makers (39 per cent) have dismissed employees because of a cybersecurity policy breach since the pandemic began, a survey has found.
    • To combat poor employee security practices, more than half (55 per cent) of those surveyed had banned, or planned to ban, staff from using personal devices to work from home.
    - Elizabeth Howlett | August 18, 2020
    hak-iq.us20.list-manage.comAugust 18, 2020
  • Taking Care of Your Data Responsibilities in a Shared Responsibility Model in the Cloud

    • What many clients don’t realize is that whilst the third party’s infrastructure is secured and regularly tested, your implementation of the environment is not.
    • Take AWS, one of the popular cloud service and infrastructure providers, for example. They work on a Shared Responsibility Model. Their (AWS) backend is secured, but the client is responsible for the configuration of their own environment, services and even encryption setting.
    • Cloud deployments aren’t reducing your responsibilities of data protection. They’re increasing your attack surface and threat landscape of data you’re still responsible for protecting.
    - Zoe Rose | August 18, 2020
    hak-iq.us20.list-manage.comAugust 18, 2020
  • Insights from Verizon’s COVID-19 Breach Landscape Report: Working From Home (WFH) leads to greater vulnerability

    • Verizon recently released an update to its 2020 Verizon Data Breach Investigations Report examining the impact of the COVID-19 pandemic on cybersecurity and how our changing work patterns to deal with the crisis are open for potential exploitation by hackers.
    • Verizon’s report highlights four specific cyber challenges that have emerged this year as a result of the pandemic: the continued increase in human error, the focus on stolen credential-related hacking, the spike in the use of ransomware, and phishing emails’ manipulative play on emotions.
    - PCI Pal | August 18, 2020
    hak-iq.us20.list-manage.comAugust 18, 2020
  • Tusla suffers 23 'high risk' data breaches - including stolen files and loss of devices - since last year

    • THE CHILD AND family agency Tusla has suffered over 200 data breaches in the space of just over a year and a half including 23 that were classified as “high” risk.
    • The cases included the loss of an unencrypted device, unauthorised access to personal data, files getting lost or stolen, and deliberate disclosures of sensitive information.
    .ie - Ken Foxe | August 17, 2020
    hak-iq.us20.list-manage.comAugust 17, 2020
  • The Ritz suffers data breach after hackers pose as staff

    • On 12 August, cyber criminals pretending to be Ritz employees managed to obtain an unknown amount of restaurant guests’ personal data, including information on their meal bookings. The scammers allegedly made phone calls to the guests asking to provide a confirmation of the reservations by sharing their bank details.
    • A spokeswoman for the establishment told IT Pro that it is taking the breach “very seriously” and added that The Ritz is “working hard to resolve the issue and ensure the security of all our customers’ information”.
    - Sabina Weston | August 17, 2020
    hak-iq.us20.list-manage.comAugust 17, 2020
  • Government denies successful cyber attack shows failure of systems

    • The federal government’s top IT officer says that last week’s credentials stuffing hack of 11,000 tax and service accounts of Canadians does not mean its systems failed to protect people’s information.
    • Asked why the government didn’t implement two-factor authentication long ago for all external user logins, Marc Brouillard (Acting CIO) acknowledged some 2FA systems would have stopped these attacks, particularly those requiring users have a USB key or a device that generates the second factor.
    - Howard Solomon | August 17, 2020
    hak-iq.us20.list-manage.comAugust 17, 2020
  • Think 3,2,1 to protect your business against ransomware

    • There are two major audiences that should be targeted from an education perspective: IT staff and organizational users. It’s important to target both groups as threats can be introduced from both personas.
    • The main points of entry into a business for ransomware is through Remote Desktop Protocol (RDP) or other remote access mechanisms, phishing and software updates.
    • Put simply, in most cases cyber-attackers are not made to work as hard as they should to fetch big prizes.
    • The 3-2-1 rule recommends that there should be at least three copies of important data, on at least two different types of media, with at least one of these copies being off-site.
    - Sandeep Bhambure | August 17, 2020
    hak-iq.us20.list-manage.comAugust 17, 2020
  • Not concerned about cyber crime? This business owner’s story might be a wake-up call

    • For all the media coverage that cyber security has attracted over the past couple of months, many businesses I speak to still struggle to understand how cyber crime can target small business.
    • If you wonder what sensitive information your business might have, and the vulnerabilities that could be exploited by cyber criminals, then consider taking similar steps to safeguard your business for the future.
    SmartCompany
    hak-iq.us20.list-manage.comAugust 16, 2020
  • COVID-19: A wake-up call for businesses to protect their networks and disarm cyber criminals

    • History has shown that in times of chaos, criminals often take control. There is no denying that COVID-19 has amplified the occurrence of malicious online activity, attacking vulnerable businesses already weakened by prolonged lockdowns.
    • The government recently announced it is increasing its spending on cyber security to $1.664 billion in a move to raise awareness on cyber threats, disrupt foreign cyber criminals and create more than 500 jobs in the sector over the next 10 years. (Australia)
    • Embedding cyber security programs across different levels and sectors is the first step in inspiring people with diverse skillsets to participate in the industry.
    Mirage | August 17, 2020 (Australia)
    hak-iq.us20.list-manage.comAugust 16, 2020