Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days.
Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back each Friday for highlights of the goings-on each week!
LinkedIn Wednesday confirmed that at least some passwords compromised in a major security breach correspond to LinkedIn accounts. LinkedIn Security professionals suspected that the business-focused social network LinkedIn suffered a major breach of its password database. Recently, a file containing 6.5 million unique hashed passwords appeared in an online forum based in Russia.
Uber, PayPal and even Netflix accounts have become much more valuable to criminals, as evidenced by the price these stolen identifiers now fetch on the Deep Web. Stolen Uber account information on underground marketplaces sells for an average of $3.78 per account, while personally identifiable information (PII) was listed for $1 to $3.30 on average, oddly down from $4 per record in 2014.
Board members are now facing lawsuits after large-scale cybersecurity breaches because the security breakdowns are considered a failure to uphold fiduciary duties. The Department of Justice has recently provided guidelines for cybersecurity awareness for board members.
The US Food and Drug Administration issued draft guidelines this past week to address medical devices’ cybersecurity and give manufacturers more concrete requirements when it comes to assessing the security of their products. The agency first warned manufacturers about security vulnerabilities in June, and these guidelines build off that initial release.
The Pentagon has delayed for almost two years a requirement that as many as 10,000 companies show that they have systems to protect sensitive but unclassified information from cyber-attacks before signing new defense contracts.
The computer systems that run our world—the ones that secure our financial information, protect our privacy and even keep our power grid running—all have a critical, unpatchable weakness. It’s the humans who use them.
The range of recent high-profile digital attacks—from Sony to OPM to Home Depot—has only intensified Hollywood’s fascination with the hacking culture. Hollywood often sensationalizes hackers and the hacking community, frequently portraying a shady, isolated male character who uses his computer skills with malicious intent.
Please add your thoughts in the comments below or follow me on Twitter; @ChristopherBudd.