InfoSecSherpa Newsletter — 24 May 2021

InfoSecSherpa — Your Guide Up a Mountain of Information!
  1. 40 new privacy standards approved as cybercrime cases soar 50 per cent
    (The Standard, 24 May 2021)
    According to the Communications Authority of Kenya, cybercrime incidences rose by over 50 per cent in the fourth quarter of last year to 56.2 million from 35.1 million threats reported in the previous quarter.
  2. RIT Cybersecurity Bootcamp cohort trains deaf, hard of hearing students for tech jobs
    (Democrat & Chronicle, 24 May 2021)
    Last fall, the Rochester Institute of Technology introduced a Cybersecurity Bootcamp. The full-time, 15-week course is a virtual simulation, completely online and modeled like a company. Students confront real-world issues in the program, and they leave with the skills to find work in the industry and hit the ground running.
  3. Many CISO’s engage in risky behaviour online
    (TEISS, 24 May 2021)
    A new report by Constella Intelligence has found that many information security leaders are guilty of carrying out poor cybersecurity practices and engaging in risky behaviour online.
  4. MENAISC set to open with 40 global cybersecurity experts
    (Trade Arabia, 24 May 2021)
    Leading cybersecurity conference, the Middle East and North Africa Information Security Conference 2021 is all set to launch on May 25 under the theme “Cybersecurity Vigilance …Continuous Monitoring & Mitigation. Understanding the Impact in a 5G Era.”
  5. Jack Danahy Discusses Why “Cybersecurity-as-a-Service” Makes the Most Sense
    (Techspective, 24 May 2021)
    Enjoy the full episode to learn more about jack’s philosophy on cybersecurity and how to address the challenges we face today. We also talk about the importance of marketing and how to effectively tell a story and help people understand rather than just trying to “sell” them something.
  6. KR recognises SHI’s Ship Cyber Security Simulator
    (Ship Insight, 24 May 2021)
    The Korean Register has awarded recognition fo security risk assessment and vulnerability diagnosis to Samsung Heavy Industries for its ‘Ship Cyber Security Simulator’.
  7. Palo Alto Cortex Xpanse Researchers identify missing metric for a modern SOC
    (Security Magazine, 24 May 2021)
    Palo Alto Cortex Xpanse research team spent the first three months of 2021 monitoring the activities of attackers to better understand how much of an edge adversaries have in detecting systems that are vulnerable to attack. They followed a benchmark that they call “mean time to inventory” (MTTI), which is simply how long it takes somebody to start scanning for a vulnerability after it’s announced.
  8. This massive phishing campaign delivers password-stealing malware disguised as ransomware
    (ZD Net, 24 May 2021)
    Java-based STRRAT malware creates a backdoor into infected machines — but distracts victims by acting like ransomware.
  9. Zeppelin ransomware comes back to life with updated versions
    (Bleeping Computer, 24 May 2021)
    The developers of Zeppelin ransomware have resumed their activity after a period of relative silence that started last Fall and started to advertise new versions of the malware.
  10. Tulsa computer system hacks stopped by security shutdown
    (The Oklahoman, 23 May 2021)
    Most residents of Tulsa are being prevented from paying their water bills after the city shut down its computer network as a security measure following an attempted ransomware attack, a city official said Friday.
InfoSecSherpa — Your Guide Up a Mountain of Information!

#Librarian turned #InformationSecurity professional. Your guide up a mountain of information!