InfoSecSherpa Newsletter — 13 May 2021
3 min readMay 13, 2021
- How should we address cyber-security?
(Research Information, 13 May 2021)
The Scholarly Networks Security Initiative (SNSI) brought together an expert panel at this year’s STM Spring Conference to discuss the threat cybercrime is posing to universities and research institutions, individuals, and the wider scholarly ecosystem; the conclusion of the discussion being neatly summed up by panelist Dan Ayala’s final words of advice: to stop, collaborate and listen. - DOL Proffers Three-Pronged Guidance on Cybersecurity Breaches for Retirement Plans
(Bloomberg Tax, 13 May 2021)
Anne Tyler Hall and Eric Schillinger of Hall Benefits Law outline three pieces of cybersecurity guidance issued last month by the Department of Labor for employer-sponsored retirement plans. - Elisabetta Belloni named as first woman to head Italy secret service
(The Indian Awaaz, 13 May 2021)
A former ambassador has been named as the first woman to lead Italy’s secret services. Prime Minister Mario Draghi announced Elisabetta Belloni as head of the Department of Information Security (DIS) on Wednesday. - UH graduates’ bank information compromised in data breach of cap and gown supplier
(Click 2 Houston, 13 May 2021)
Herff Jones, a graduation cap and gown supplier for the University of Houston, experienced a data breach that has compromised students’ bank information. - Iowa Becomes the Latest State to Adopt the NAIC Model Cybersecurity Law
(JD Supra / Hinshaw, 12 May 2021)
On April 30, 2021, Iowa Governor Kim Reynolds signed into law the Iowa Insurance Data Security Act, making Iowa the latest state to adopt the National Association of Insurance Commissioner’s model cybersecurity law. - Hackers post hundreds of pages of purported internal D.C. police documents
(The Washington Post, 13 May 2021)
Hackers who have infiltrated the D.C. police department’s computer network have posted hundreds and possibly thousands of purported department documents, many containing what appears to be information related to gang and crew intelligence. - Most developers admit releasing vulnerable applications
(Beta News, 13 May 2021)
A new study shows that 81 percent of development teams have knowingly pushed vulnerable code live, with 20 percent of senior managers even admitting to doing so often. - The Biggest Cybersecurity Threats for Rental Business Owners
(For Construction Pros, 13 May 2021)
There has never been a better time to make sure that your rental business’ data and cybersecurity practices are up-to-date and running as efficiently as possible. - Cloud compromise now the biggest cybersecurity issue for financial institutions
(Help Net Security, 13 May 2021)
Infoblox unveils a research into how the COVID-19 shutdowns challenged the financial services industry’s core infrastructure. - Attackers abuse Microsoft dev tool to deploy Windows malware
(Bleeping Computer, 13 May 2021)
Threat actors are abusing the Microsoft Build Engine (MSBuild) to deploy remote access tools (RATs) and information-stealing malware filelessly as part of an ongoing campaign.
