NSA, CISA Warn of Threats to US Critical Infrastructure

Internet-accessible OT assets are becoming more prevalent across the 16 U.S. critical infrastructure sectors as companies increase remote operations and monitoring, accommodate a decentralized workforce, and expand outsourcing of key skill areas such as instrumentation and control and OT asset management/maintenance. OT and IT discovery and management, plus secure remote access, will remain hot areas.

RSA 2020: In the Wake of a Major Breach, Equifax Makes Ambitious Changes

Great presentation by Jamil at RSA, which outlined Equifax's staggering cyber spend commitment of 1.25b to be a leader in this space, and its focus improvement areas, including organizational culture; compliance with regulations and certification requirements; its relationship with customers; and its specific cybersecurity controls, especially its tools and policies.

Every voter in Israel just had their data leaked in ‘grave’ security breach

Another story about lost PII, exposing gaps in cyber controls. All 6.5 million voters in Israel have just had their personal data leaked, reports the New York Times. The full names, addresses, and identity card numbers are among the information that was leaked about every eligible voter in the country. In some cases, phone numbers were also[…]

US Conflict With Iran Sparks Cybersecurity Concerns

After an Iranian general was killed in a U.S. drone strike in Baghdad late Thursday night, security experts and the Department of Homeland Security warned of possible retaliatory cyber strikes from Iran that could target critical infrastructure, government agencies as well as private businesses. No doubt, tension in the Middle East will spark more attacks and[…]

First American Financial website leaked 885 million documents

Yikes, major exposure! About 885 million documents, including bank account numbers, mortgage records, Social Security numbers, drivers’ license images and tax records, have been leaked by First American Financial Corp.’s website. Anyone with a web browser and a URL for a legitimate document could access the real estate title company’s records.

Anthem’s $16M breach settlement reminds others to assess their cyber risks

Another example of why healthcare companies must invest in unconventional controls to protect their members and patients. This is not a simple check-box process: the bad guys continue to change tactics and build game plans for how to beat existing products and known controls. Brand, reputation and trust are at stake.

What We Know About the Facebook Hack Affecting 50 Million Accounts

More issues with exposed credentials. On Friday, Facebook announced that it had discovered evidence of a security breach affecting almost 50 million accounts. The company’s investigation is in its early stages, so there are still many unknowns about the cyberattack. Here’s a rundown of what we know so far based on the details that Facebook has released[…]

Scammers steal half-a-billion pounds from UK banking customers

Industry group UK Finance said £145m of that was due to authorised push payment (APP) scams, in which people are conned into sending money to another account. But £358m was lost to unauthorised fraud, which includes transactions made without account holders’ knowledge. Unauthorised fraud victims are usually refunded by their banks, but most victims of[…]