InfoSecSherpa Newsletter — 21 May 2021
- ‘Russian Keyboard’ could protect you from potential cyber hack, expert says
(Newstalk, 20 May 2021)
The ransomware software comes in and it checks first of all to see if there’s a Russian keyboard installed.
- Software engineer from Mexico is crowned Miss Universe 2021
(Evening Standard, 17 May 2021)
Andrea Meza, who has a degree in software engineering, said her career in STEM (an acronym for science, technology, engineering and math) also taught her many valuable life skills, including organization and project management.
- DHS Partners with South Korea for Aviation Security
(Newswise, 21 May 2021)
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has signed an agreement with the Ministry of Land, Infrastructure and Transport of the Republic of Korea (MOLIT), which authorizes the two countries to conduct a field demonstration of S&T-funded technology in civil aviation security.
- Integrated cyber attack analysis platform “NIRVANA Kai” supports IPv6
(EurekAlert, 21 May 2021)
The Cybersecurity Laboratory of the National Institute of Information and Communications Technology (NICT, President: TOKUDA Hideyuki, Ph.D.) has enhanced its cyber attack integrated analysis platform “NIRVANA Kai” to support the Internet Protocol version 6 (IPv6), the successor to IPv4.
- Now Your Car is a Cybersecurity Risk, Too
(EE Times, 21 May 2021)
The automotive industry started taking cybersecurity seriously about six years ago and started investing in designing and deploying cybersecurity solutions. The auto industry is now deploying cybersecurity hardware and software, but there is a long road ahead to get every ECU in the car protected against increasingly cyberattacks.
- Go read this feature on the 2011 RSA hack that redefined cybersecurity
(The Verge, 21 May 2021)
Wired has published an in-depth feature on the 2011 hack of security company RSA, in which hackers stole the so-called “crown jewels of cybersecurity,” the secret keys forming a “crucial ingredient” of its SecurID two-factor authentication devices. It would go on to “redefine the cybersecurity landscape” with huge implications for not just RSA, but also the organizations that relied on its devices for their own security.
- CIAS K-12 Cybersecurity Program awarded grant to expand cybersecurity awareness nationwide
(EurekAlert, 21 May 2021)
The Gula Tech Foundation has awarded UTSA’s Center for Infrastructure Assurance and Security (CIAS) a $250,000 grant to raise public awareness about cybersecurity. The foundation distributed $1 million in grants across seven winners, with the CIAS being recognized as its first-place recipient.
- New survey finds that password hygiene amongst cybersecurity leaders is lacking
(Security Magazine, 21 May 2021)
Constella Intelligence research reveals that one in four cybersecurity leaders use the same passwords for both work and personal use; more than half experience account takeover first-hand.
- How to keep your cybersecurity test from going off the rails
(Raconteur, 20 May 2021)
West Midlands Trains learned the hard way that hoaxing your own staff may not be the best PR exercise, but is it an effective way to test cybersecurity resilience?
- Owners of Colonial Pipeline Hit With Class Action Regarding Allegedly Deficient Cybersecurity Following Hack, Showing All Data Breaches Carry Litigation Risk
(The National Law Review, 20 May 2021)
This week, owners of the Colonial Pipeline were hit with a putative class action that was filed in federal court in Georgia. Dickerson v. CDCP Colonial Partners, L.P., Case №1:21-cv-02098 (N.D. Ga.).