InfoSecSherpa Newsletter — 06 May 2021
- Government of Canada investing to position Canada as a global leader in cyber security
(Cision, 06 May 2021)
$80-million investment will support cyber security research and development, commercialization, and skills and talent development.
- The need for privacy in vaccine passport policies
(Med City News, 06 May 2021)
Let’s be careful and deliberate about what we decide to do with vaccine passports. Considerable consequences to individual freedoms — as well as both societal and public health — are at stake.
- Unbreakable invisible ink encryption could help secure paper records
(Engineering & Technology, 06 May 2021)
An uncrackable combination of invisible ink and artificial intelligence to protect written records has been proposed by researchers.
- Infosec Announces New Cyber Training Program for Federal Agencies and Contractors
(Yahoo! Finance, 06 May 2021)
Infosec, the leading cybersecurity education provider, today announced Infosec Skills Unlimited, a new program to equip federal agencies and contractors with cyber certification and training resources to meet Department of Defense 8570.01-M and Cybersecurity Maturity Model Certification Accreditation Body (CMMC-AB) compliance requirements.
- What Covid-19 Revealed About The Lack Of Household Cybersecurity In The U.S.
(Forbes, 06 May 2021)
Two-thirds of parents surveyed expressed fear that their family would become the victim of a cyberattack at some point over the next year. That fear was compounded by a majority (51%) feeling that they were more at risk now of being hit by a cyberattack than they were 12 months ago.
- Cybersecurity and heart disease
(TB&P, 06 May 2021)
The mindset that dictates how most of us approach our health also drives how we view cybersecurity. It is natural to avoid such a big topic that we believe there is nothing we can do to influence it. As with most things ignored, every day without tragedy builds an even stronger false sense of security. That false sense of security then confuses the difference between the words “preventable” and “inevitable.”
- DHS Secretary: Small Businesses Hard-Hit by Ransomware
(Gov Info Security, 06 May 2021)
About 50% to 70% of all ransomware attacks in the U.S. are targeting small and medium-sized businesses, costing the victims an estimated total of $350 million in the last year, Secretary of Homeland Security Alejandro Mayorkas said Wednesday in a speech to the U.S. Chamber of Commerce.
- Data leak implicates over 200,000 people in Amazon fake product review scam
(ZDNet, 06 May 2021)
Names, email addresses, and PayPal details were exposed and left online.
- Researchers use PyInstaller to create stealth malware
(Search Security, 05 May 2021)
Academic researchers say the application builder could be used to create undetectable attack bundles that bypass many widely used antimalware programs.
- Malware uses ICMP tunneling for backdoor communications
(IT World Canada, 05 May 2021)
Dubbed Pingback, researchers report that the malware achieves persistence through DLL hijacking, then establishes a covert connection using ICMP (Internet Control Message Protocol) tunnelling to install a backdoor.