Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, catch a preview of the upcoming RSA Conference, learn about underdeveloped cybersecurity capabilities in UK organizations, and read the SolarWinds study that contrasts high cyberattack awareness with low preparedness.
Drupal is the latest platform to issue an emergency patch for a critical vulnerability. The issue (CVE-2018-7600) allows an attacker to execute code remotely with little effort.
Enterprise chief information security officers have their work cut out for them in the current threat landscape. As attack and infection strategies become more complex and difficult to predict, the business’s CISO must ensure that the organization’s most critical information assets and the systems that support them are secure.
A huge ransomware attack hit the city of Atlanta last week and officials are scrambling to get their systems back up and running. This has meant that many city employees have been operating with pen and paper after being told to turn off their computers.
As the General Data Protection Regulation (GDPR) is fundamentally a legal obligation, the role of the legal department is significant on the road to GDPR compliance.
Trend Micro shares what to expect at RSAC regarding the GDPR and the three models of Microsegmentation.
As new trends and developments in the malicious mining of cryptocurrency emerge, a smart and sustainable way of detecting these types of threats is swiftly becoming a cybersecurity necessity.
Email is the No. 1 threat vector. Ninety-four percent of ransomware in 2017 used email to spread. Business Email Compromise (BEC) attacks, including CEO fraud, jumped a whopping 106 percent from the first half of 2017 to the second. In the meantime, businesses are moving their email systems to the cloud rapidly.
A Rackspace study finds failure to develop cyber security skills is exposing organizations to cyberattacks and exacerbating the skills gap.
Trend Micro discovered the ChessMaster campaign back in July 2017 as part of our monitoring efforts to protect our customers. At the time, we found ChessMaster targeting different sectors from the academe to media and government agencies in Japan.
Research from SolarWinds MSP revealed that while awareness surrounding cyberattacks is increasing, it is not equating to better preparedness.
It was uncovered that a new Android malware that can surreptitiously use the infected device’s computing power to mine Monero. Trend Micro detects this as ANDROIDOS_HIDDENMINER. This Monero-mining Android app’s self-protection and persistence mechanisms include hiding itself from the unwitting user and abusing the Device Administrator feature (a technique typically seen in SLocker Android ransomware).
Every year, Black Hat Asia gathers security researchers and enthusiasts to demonstrate how technologies and applications can be improved.
TechRepublic shares why warnings by the US Computer Emergency Readiness Team on recent cyberattacks are important and how security professionals should respond.
CSO for Southern Methodist University George Finney discusses why those in the security industry should think of themselves as daring adventurers being driven by their imperfections.
For most people, securing a home wireless network rarely involves more than choosing a unique password. This should come as no surprise: networking is not exactly simple technology. A home network can connect all sorts of devices (computers, tablets, mobile phones, gaming consoles, and appliances, to name just a few) so that they can communicate with each other and the internet.
Did any of these studies surprise you? Let me know your thoughts below, or follow me on Twitter: @JonLClay.