InfoSecSherpa Newsletter — 12 May 2021
- Apple failed to disclose security incident affecting 128 million users in 2015
(Security Magazine, 12 May 2021)
Evidence shows Apple managers chose to not disclose this security incident.
- Pending Data Protection and Security Laws At-A-Glance: APAC
(Cyber Security Hub, 12 May 2021)
This is an overview of 3 soon-to-be-enacted regulations that will change the APAC data privacy legal landscape.
- 328 security weaknesses found in Australian local government systems
(IT Pro, 12 May 2021)
A report has been submitted to Parliament underlining the weaknesses of the computer environments in local government entities.
- U.S. Department of Labor Weighs in on Cybersecurity for ERISA Plans
(Lexology / Mayer Brown, 11 May 2021)
On April 14th, 2021, the Department of Labor (“DOL“) issued cybersecurity guidance to plan sponsor and fiduciaries, recordkeepers and other service providers and participants and beneficiaries of plans regulated by the Employee Retirement Income Security Act of 1974, as amended (“ERISA”).
- Patch Tuesday: Microsoft and Adobe unveil solutions to cybersecurity weaknesses
(Verdict, 12 May 2021)
Patch Tuesday is back with Microsoft and Adobe unveiling a smattering of fixes to vulnerabilities across their products.
- UK wants cyber security hub in Africa | News | D.W.
(Medariun Search, 12 May 2021)
The UK government said on Wednesday (12.05) that it was investing the equivalent of 25 million euros in helping vulnerable countries in Africa and the Pacific to build cybersecurity to prevent China, Russia and others from filling the “vacuum in cyberspace”.
- Cloud misconfigurations make 90 percent of companies vulnerable
(Beta News, 12 May 2021)
A large majority of companies that move to multi-cloud environments are not properly configuring their cloud-based services according to a new report from Aqua Security.
- Ransomware: Don’t pay up, it just shows cyber criminals that attacks work, warns home secretary
(ZDNet, 11 May 2021)
Paying the ransom just tells cyber criminals that ransomware attacks are a good way to make money — and there’s no guarantee they’ll keep their word anyway, warns home secretary Priti Patel.
- U.S., Philippine Marines Tackle Cyber Battlefield
(Marines, 11 May 2021)
When addressing the subjects of technology and innovation in his 2020 statement to the Senate Armed Services Committee regarding Marine Corps readiness, the 38th Commandant of the Marine Corps, Gen. David Berger, stated that “it is not just a matter of a straight budget plus up.
- Alaska courts restore email, lack answers on cyber attack
(Associated Press, 12 May 2021)
The Alaska court system said Tuesday it had restored email capabilities nearly two weeks after a cybersecurity attack.