InfoSecSherpa Newsletter — 25 June 2021
3 min readJun 25, 2021
- 7 steps HR needs to take today to beef up cybersecurity
(Human Resource Executive, 24 June 2021)
HR and IT leaders need to collaborate in fostering a culture of cybersecurity, ensuring employees across departments understand how they can help avoid a costly data breach. - NIST publishes draft cybersecurity framework for ransomware risk management
(Security Magazine, 24 June 2021)
The National Institute of Standards and Technology (NIST) has published a new draft on ransomware guidance for organizations. The document features advice on how to defend against the malware, what to do in the event of an attack, and how to recover from it. - Department of Energy asks Congress for $201 million to bolster cybersecurity in wake of attacks
(CNBC, 24 June 2021)
The Department of Energy is asking Congress for $201 million in its budget request for the fiscal 2022 to address digital vulnerabilities after a steady uptick in sweeping cyberattacks. - Why we need a fire code approach to cybersecurity
(The Hill, 24 June 2021)
The crescendo is building for a national standard for cybersecurity — and maybe even for some type of regulation — in the wake of increasing cyberattacks that are targeting a wide range of industries and paralyzing companies whose goods and services overlap with the public interest. - Networks Have Changed Forever, and So Must Cybersecurity
(Harvard Business Review, 24 June 2021)
As global workplace shutdowns in response to the pandemic created an immediate need for work-from-home (WFH) solutions, network and security teams — already struggling to support digital innovation efforts and introduce network devices and edges — suddenly had to create effective and secure ways for employees and stakeholders to connect and communicate. - Cybersecurity Framework Between Countries Key to Combatting Cyberattacks, Conference Hears
(Broadband Breakfast, 24 June 2021)
An agreement on policies between countries will be an important step toward mitigating cyberattacks, according to a panel of experts at a Stimson Center Webinar convened earlier this month. - Ukrainian member of FIN7 cybercrime gang sentenced in United States
(Defence Web, 25 June 2021)
A Ukrainian hacker was sentenced to seven years in prison for his role in a notorious cybercrime group that stole millions of credit and debit card details from across the United States, the Department of Justice said Thursday. - Hackers Crack Pirated Games with Cryptojacking Malware
(Threatpost, 25 June 2021)
A new Monero cryptojacking malware distributed via “cracked” versions of popular online games is wiping out antivirus programs (AVs) and surreptitiously mining cryptocurrency in more than a dozen countries, researchers have found. - Western Digital My Book Live devices being remotely wiped by attackers
(Apple Insider, 25 June 2021)
Western Digital customers worldwide are discovering that years of data have been wiped clean without a trace and seemingly factory reset. Additionally, users cannot log into their devices with their user-set passwords or the manufacturer’s default password. - Spam Downpour Drips New IcedID Banking Trojan Variant
(Threatpost, 24 June 2021)
The primarily IcedID-flavored banking trojan spam campaigns were coming in at a fever pitch: Spikes hit more than 100 detections a day.
