InfoSecSherpa Newsletter for 21 June 2021
- Wegmans discloses data breach
(Security Magazine, 21 June 2021)
According to a press release, Wegmans recently became aware that due to a previously undiscovered configuration issue, two of their databases, used for business purposes and internal to Wegmans, were inadvertently left open to “potential outside access.”
- The national cyber director’s first hurdles
(Politico, 21 June 2021)
Weekly Cybersecurity is a weekly version of POLITICO Pro’s daily Cybersecurity policy newsletter, Morning Cybersecurity. POLITICO Pro is a policy intelligence platform that combines the news you need with tools you can use to take action on the day’s biggest stories.
- How Air Gapping Can Protect IP
(Security Boulevard, 21 June 2021)
Not all data is suited for an air gapping model. However, organizations need to remember that digital transformation causes friction. For everything that cloud enables, it also slows things down and creates expenses, like hiring employees with the right skill set.
- Under Scrutiny, Big Ag Scrambles To Address Cyber Risk
(Forbes, 20 June 2021)
The vulnerability disclosure market is expected to grow in value from $223m annually in 2020 to more than $5 billion by the end of the decade.
- Helping charities tackle cybersecurity
(Tech Radar, 21 June 2021)
When you consider that large sums of money are being processed in this sector, along with personal and sensitive information, it is a highly lucrative target for cyber attackers. Yet, according to recent research by the Charity Commission, only half (58%) of charities think cybercrime is a risk.
- SolarWinds hackers could have been waylaid by simple countermeasure -US officials
(Thomson Reuters Foundation News, 21 June 2021)
Following a decade-old security recommendation could have helped stymie the Russian hackers who ran amok across federal government networks last year, the Department of Homeland Security’s digital defense arm said in a letter sent earlier this month.
- How Russian threats within the 2000s turned Estonia into the go-to professional on cyber protection
(CNN Business, 21 June 2021)
Luckily for its residents, Estonia is punching way above its weight when it comes to online safety. It regularly places on top of security rankings. Its capital city of Tallinn is home to NATO’s cyber defense hub, the Cooperative Cyber Defence Centre of Excellence. When it took up the rotating presidency of the United Nations Security Council last year, it made cybersecurity one of the policy priorities.
- Women looking for love say men tricked them into being ‘money mules’
(Today, 21 June 2021)
NBC News investigative and consumer correspondent Vicky Nguyen spoke with the women, who are hoping their stories will warn others away from potentially becoming “money mules,” which theFBI defines as “someone who transfers or moves illegally acquired money on behalf of someone else.”
- Billions paid in cryptocurrency ransomware penalties since Bitcoin’s birth
(Hindustan Times Tech, 21 June 2021)
US regulators imposed $2.5 billion in penalties on the cryptocurrency industry since Bitcoin’s birth in 2009, according to researcher Elliptic. Here’s what you need to know.
- New Buer Malware Loader Spread Through DHL Scam Email
(Security Intelligence, 21 June 2021)
Digital attackers are using fake DHL shipping emails to trick recipients into opening a malicious Microsoft Office document. According to Proofpoint, the DHL scam email leads to an infection of ‘RustyBuer,’ a new variant of the Buer Loader malware family that’s written in the Rust programming language.