Global Cyber News Digest

Daily News Digest

Stay current on the global cyber threat landscape and industry developments with CCOE’s daily digest and library of cybersecurity news and articles.

  • SAP Admits to Security Lapses in Some Products, but Says There Was No Data Breach

    • Business software group SAP disclosed on Tuesday that some of its cloud products did not meet contractual or statutory security standards and said it would take remedial action to fix the problem as soon as possible.
    • While SAP, Europe’s most richly valued technology company, declined to elaborate on a statement it issued overnight, the news follows management turmoil and a reduction to its profit forecast due to the coronavirus pandemic.
    • Analysts said it could dampen enthusiasm among SAP’s client base to back a digital transformation in which it is seeking to shift the operation of enterprise, human resources and marketing applications to off-site datacenters from its traditional model of putting servers at customer locations.
    Insurance Journal - Douglas Busvine and Nadine Schimroszik | May 6, 2020
  • How your passwords can end up for sale on the dark web

    • Hundreds of millions of accounts are compromised every year in data breaches through phishing, malware and other types of attacks.
    • More than 11.6 billion records have been breached since 2005, according to a running tally by California-based nonprofit Privacy Rights Clearinghouse.
    • Those accounts are often then dumped on hacker forums or put up on the dark web, a collection of websites that can only be accessed by a special type of browser called Tor (it stands for The Onion Router, and dark web sites end with .onion).
    • Originally created by the US Navy in 2002 to enable anonymous online communication, the system's enhanced encryption and anonymity means it's often used for illegal activity, including drug sales.
    CNN Business - Rishi Iyengar | May 6, 2020
  • Why remote working need not mean ‘vulnerable to cyber-attack’

    • Now that the pandemic has forced governments to keep us safe by imposing lockdowns, CISOs and their teams have more or less the same challenge in front of them: keep data and infrastructure safe under a completely different office dynamic.
    • From a cybersecurity perspective, we can be certain bad actors will look to exploit the fact that new, unprotected endpoints have now suddenly been thrust upon many corporate domains.
    • An important element of control has been obliterated by necessity, even as it has given rise to new efficiencies.
    tahawultech.com - Adelle Geronimo | May 5, 2020
  • Critical SaltStack vulnerabilities exploited in several data breaches

    • SaltStack patched two critical vulnerabilities in its software last week, but hackers used the flaws over the weekend to breach several unpatched networks, including DigiCert's.
    • SaltStack issued a statement confirming that attacks had occurred and urging customers to update their software to prevent further breaches and follow best practices to harden their Salt environments.
    SearchSecurity - Rob Wright | May 5, 2020
  • GoDaddy Confirms Data Breach: What Customers Need To Know

    • The world's largest domain registrar, GoDaddy, with 19 million customers, has disclosed a data breach impacting web hosting account credentials.
    • Upon an investigation of the incident, it was determined that an "unauthorized individual" had gained access to login credentials that meant they could "connect to SSH" on the affected hosting accounts.
    Forbes - Davey Winder | May 5, 2020
  • Protecting Pharmacy Against Data Breaches

    • Despite debates about data privacy, three million Australians downloaded the new tracing app, COVIDSafe, within 72 hours of its launch by the Federal Government last month to help track the spread of coronavirus.
    • We expect that our data will be protected, whilst we happily say ‘yes’ to cookies, do our banking online, and allow apps such as Twitter, Facebook and Skype to track our movements.
    • Governments have been playing catch up with legislation to protect online data.
    • The European Union introduced its General Data Protection Regulation (GDPR) laws in 2016. Australia introduced the Notifiable Data Breach Scheme (NDBS) and mandatory reporting of data breaches in 2018.
    AJP | May 4, 2020
  • Can the CCO and CISO Work in Harmony?

    • The TalkTalk data breach, in particular, saw “free rein” given to the CISO to strengthen the organization’s cybersecurity strategy in an effort to keep the hackers at bay.
    • The chief cybercrime officer (CCO) - this role is responsible for ensuring the organization is cyber-ready and is in charge of mitigating breaches, taking the lead if a breach does arise and providing the much-needed link between the board and the rest of the company to reduce risk and work collaboratively to resolve issues as they occur.
    • With it being well-documented that cybersecurity must become far more central to C-suite strategies, this role eases the load on the CISO and makes sure the organization can get—and stay—one step ahead of hackers in the continuous cybercrime race.
    Security Boulevard - Matt Cable | May 4, 2020
  • Florida Gulf Coast University's virtual commencement faces cyber attack, postponing the ceremony

    • Here at Florida Gulf Coast University the administration wanted to honor their students, by providing a virtual graduation.
    • Unfortunately, that was not the case, due to a cyberattack on the host site StageClip, leaving FGCU students disappointed yet again.
    FOX4 - Leslie DelasBour | May 3, 2020
  • COVID-19 News: FBI Reports 300% Increase in Reported Cybercrimes

    • The FBI’s IC3, or its Internet Crime Complaint Center, has reported a major increase in received cybersecurity complaints each day, according to The Hill — who goes on to explain that the number of cybersecurity complaints went up from 1,000 complaints every day, to over 3,000 to 4,000 per day since the beginning of the COVID-19 pandemic.
    • While we can’t say for sure whether there was an unreported massive data breach that caused the increase in COVID-19 cyber-attacks, we can definitely assume that these reported data breaches paved the way for quite a few of them.
    IMC Grupo - Jenna Walter | May 2, 2020
  • Zoom Faces Ongoing Tide of Security and Privacy Lawsuits

    • Since its explosion in popularity due to widespread teleworking, Zoom has faced a significant increase in litigation.
    • The most recent class action complaint filed against Zoom claims that it broke its contract with plaintiffs over privacy violations.
    LAW|STREET - Kirsten Errick | May 1, 2020