SecureTheVillage – Volunteers Needed for Golf Tournament
Golfer? Cybersecurity Pro? STV CyberLeader? We are looking for 10-15 people to join the STV Golf Committee for the SecureTheVillage’s inaugural golf tournament on October 20, 2021 at Moorpark CC. The tournament will be part of our activities in support of Cybersecurity Awareness Month. The Golf Committee will consist of 10-15 people to help with marketing, logistics, setup, registration, administration, fundraising, etc. Looking to fill these rolls for the committee and have a successful inaugural tournament for the Village. To volunteer or for more information, email Board Member Jason Meshekow at jasonm@intouchis.com.
Individuals at Risk
Cyber Privacy
The Assault on Our Privacy Is Being Conducted in Private: “You have zero privacy anyway,” Scott McNealy, the chief executive of Sun Microsystems, infamously declared more than 20 years ago. “Get over it.” The New York Times, July 13, 2021
Cyber Defense
Instagram rolls out new tool to help users secure hacked accounts: Instagram has begun rolling out a new security feature that will help users secure compromised accounts and kick out hackers. TheRecord, July 15, 2021
Cyber Update
Microsoft Patch Tuesday, July 2021 Edition: Microsoft today released updates to patch at least 116 security holes in its Windows operating systems and related software. At least four of the vulnerabilities addressed today are under active attack, according to Microsoft. KrebsOnSecurity, July 13, 2021
Cyber Warning
FBI warns cryptocurrency owners, exchanges of ongoing attacks: The Federal Bureau of Investigation (FBI) warns cryptocurrency owners, exchanges, and third-party payment platforms of threat actors actively targeting virtual assets in attacks that can lead to significant financial losses. BleepingComputer, July 9, 2021
Cyber Humor
Information Security Management for the Organization
Cybersecurity in the C-Suite & Board
When ‘Later’ Never Comes: Putting Small Business Cybersecurity First: Small- and medium-sized businesses can be victims of digital attacks as much as global ones can. In fact, 88% of small business owners think they’re open to a cyberattack. In response, startups must allocate time and resources to getting the right small business cybersecurity measures, right? If only business realities were that simple. SecurityIntelligence, July 16, 2021
Information Security Management
The Evolving Role of the CISO: Curtis Simpson, CISO at Armis, discusses the top qualities that all CISOs need to possess to excel. ThreatPost, July 16, 2021
Choosing your MSP: What the Kaseya incident tells us about third‑party cyber‑risk: Lessons to learn from the Kaseya cyberincident to protect your business’ data when doing business with a MSP. WeLiveSecurity, July 13, 2021
This Company Was Hit With a Devastating Ransomware Attack—But Instead of Giving In, It Rebuilt Everything: As the threat of ransomware grows, companies have felt pressed to pay massive amounts to hackers holding systems hostage. One business decided not to give in to their attackers’ demands. Time, July 14, 2021
NIST Recommends Agencies Assume They Have Already Been Hacked: The Security Measures publication focuses on running software, while the Recommended Minimum Standards focuses on developing it. BreakingDefense, July 14, 2021
United States Government Launches First One-Stop Ransomware Resource at StopRansomware.gov: WASHINGTON – Today, as part of the ongoing response, agencies across the U.S. government announced new resources and initiatives to protect American businesses and communities from ransomware attacks. The U.S. Department of Homeland Security (DHS) and the U.S. Department of Justice (DOJ), together with federal partners, have launched a new website to combat the threat of ransomware. StopRansomware.gov establishes a one-stop hub for ransomware resources for individuals, businesses, and other organizations. The new StopRansomware.gov is a collaborative effort across the federal government and the first joint website created to help private and public organizations mitigate their ransomware risk. DHS, July 14, 2021
Cyber Warning
SonicWall warns of imminent ransomware campaign on VPN hardware: Current and legacy secure VPN appliances under attack now. ITPro, July 16, 2021
Secure The Human
Comprehensive Security Awareness: An Enterprise-Wide Goal: Headlines have suggested that enterprises need a higher level of security awareness ever since it became clear that firewalls are not enough. Though IT and security leaders are often blamed for an incident, the reality is that security isn’t only security’s job or IT’s job. It’s everyone’s job. And if it’s everyone’s job, then every employee in an organization needs to develop enough sensitivity to the current threats, whatever they may be, to stay mindful and vigilant. In short, everyone should adopt a Zero Trust mindset which requires a Zero Trust culture. CSHub, July 13, 2021
Cybersecurity in Society
Cyber Crime
The 15 biggest data breaches of the 21st century: Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory. CSO, July 16, 2021
How criminals siphoned off unemployment payments directly from recipients’ accounts: As millions of Americans received unemployment payments to get through the crisis, scammers developed a new way to steal cash directly from recipients’ accounts, according to an investigation by CNBC. CNBC, July 16, 2021
Australian organisations are quietly paying hackers millions in a ‘tsunami of cyber crime’: It’s an open secret within the tight-lipped world of cybersecurity. ABC AU, July 15, 2021
‘It was my life’s savings’: How hackers use email phishing scams to steal billions: LAKE MARY, Fla. — A first-of-its-kind study investigates exactly how cyber-criminals use email phishing attacks to steal billions. The study includes surprising new information about the tactics criminals use, how quickly they attack, and how compromised emails are used to commit fraud. ABC Action News, July 9, 2021
STATE-BY-STATE BREAKDOWN OF CYBERCRIME IN AMERICA: Statistics about violent crimes, like robbery and murder, and property crimes, like theft and arson, are well-covered across the media landscape. But there’s another type of crime that can be devastating — cybercrime. Security.org, June 28, 2021
Cyber SURVEILLANCE
The USPS’ Semi-Secret Internet Surveillance Apparatus: The agency best known for delivering mail has a side hustle in online snooping. Reason, 2021
Cyber Espionage
iOS zero-day let SolarWinds hackers compromise fully updated iPhones: Flaw was exploited when government officials clicked on links in LinkedIn messages. ars technica, July 14, 2021
Know Your Enemy
2021 Cyber Threat Intelligence Report: In an era of unprecedented uncertainty, with so many devices scattered throughout enterprise networks, it’s challenging for security professionals to keep pace with demands. Accenture, July 15, 2021
Another Mercenary Spyware Vendor Comes into Focus: Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts. The Citizen Lab, July 15, 2021
REvil Ransomware Servers Go Dark Suggesting Possible Law Enforcement Takedown: REvil (Sodinokibi), one of the most prolific ransomware-as-a-service operations, had its servers shut down suddenly early on Tuesday morning. NetSec, July 14, 2021
National Cybersecurity
Biden Administration announces flurry of new anti-ransomware efforts: The defensive initiatives include a reward for information on nation-state actors and the formation of a new interagency ransomware task force. CSO, July 26, 2021
Cyber Defense
Global Coalition Needed to Prevent Ransomware Pandemic: INTERPOL Secretary General Jürgen Stock has called for police agencies worldwide to form a global coalition with industry partners to prevent a potential ransomware pandemic. HomelandSecurity Today, July 13, 2021
Cyber Law
The Changing Wind of Data Privacy Law: A Comparative Study of the European Union’s General Data Protection Regulation and the 2018 California Consumer Privacy Act: On May 25, 2018, the European Union’s (EU) General Data Protection Regulation (GDPR) came into effect. The GDPR is expected to reshape web use and overhaul data privacy laws beyond Europe in how businesses and organizations can handle customer and user information. UCI Law, June, 2020
Cyber Enforcement
US offers up to $10 million reward for information on cyberattacks against critical infrastructure by foreign states: (CNN)The US government is offering up to $10 million for information that can identify or locate malicious cyber actors working on behalf of a foreign government to target critical US infrastructure, the US State Department announced Thursday. CNN, July 15, 2021
