Top CyberSecurity News For 21st September 2016

  1. Rand Study: Average Data Breach Costs $200K, Not MillionsFrom DarkReading. 

     Rand taps insurance data and other sources to calculate that cyber incidents cost firms a scant 0.4% of annual revenues, on average.

    The expense and impact of enterprise data breaches may be overblown, according to a new study from the Rand Corp.

    “We find that the typical cost of a data breach is less than $200,000, far lower than the millions of dollars often cited in surveys (e.g. Ponemon 2015),” writes Sasha Romanosky, author of the Rand study, Examining the costs and causes of cyber incidents, released Tuesday. The study goes on to say that $200,000 is about what most companies spend annually on information security.

Top CyberSecurity News For 21st August 2016

  1. Attacker’s Playbook Top 5 Is High On Passwords, Low On MalwareFrom Dark Reading.  Playing whack-a-mole with software vulnerabilities should not be top of security pros’ priority list because exploiting software doesn’t even rank among the top five plays in the attacker’s playbook, according to a new report from Praetorian. Organizations would be far better served by improving credential management and network segmentation, according to researchers there. Over the course of 100 internal penetration tests, Praetorian pen testers successfully compromised many organizations using the same kinds of attacks. The most common of these “root causes” though, were not zero-days or malware at all.

Top CyberSecurity News For 18th July 2016

  1. UK Railway Network Suffered Four Cyber-Attacks in the Past YearFrom Softpedia. 

    Unknown hackers have breached the UK railway network four times in the last twelve months, according to Darktrace, a British cyber-security firm, quoted by The Telegraph and Sky News. According to Darktrace, the attacks were only basic reconnaissance operations, intrusions to detect a network’s internal structure and to gather information for future attacks. The company also doesn’t exclude that these intrusions were only accidental. Previously to the UK, attacks on a country’s railway network were detected in the Ukraine this past winter, as part of the infamous BlacEnergy attacks that also targeted the country’s energy grid and airports.

Top CyberSecurity News For 3rd June 2016

  1. Banking expert warns of potential for ‘really bad’ cyberattackFrom CNBC. Cyberattacks on banks need to be looked at with the same kind of urgency as physical threats, because there is the potential for things to get really bad, banking and cybersecurity expert Ben Lawsky said Wednesday. “We live in a world where each day we are surprised by something new when it comes to the sophistication and the capabilities of hackers,” he said in an interview with CNBC.

  2. There’s a Stuxnet Copycat, and We Have No Idea Where It Came From. From Vice.  After details emerged of Stuxnet, arguably the world’s first digital weapon, there were concerns that other hackers would copy its techniques. Now, researchers have disclosed a piece of industrial control systems (ICS) malware inspired heavily by Stuxnet. Although the copycat malware—dubbed IRONGATE by cybersecurity company FireEye—only works in a simulated environment, it, like Stuxnet, replaces certain types of files, and was seemingly written to target a specific control system configuration.

Top Cybersecurity News For 21st April 2016

  1. Cybersecurity Is The Greatest Threat Since Atom Bomb Says Apple Co-founder Steve Wozniak. From IB Times. Cybersecurity is the greatest threat the world has faced since the atom bomb, Apple co-founder Steve Wozniak said in an interview with Australian TV news show Lateline. The perceived threat of a cyberattack, he said, is causing as much fear and panic as the Cold War hysteria during his childhood.
  2. Baltimore Cybersecurity Startup Wins Philadelphia Pitch Event. From Baltimore Business Journal. Baltimore cybersecurity  startup RedOwl was the winner of a Philadelphia pitch competition held on April 15th 2016. RedOwl specializes in detecting and protecting against internal system threats. The company’s software tracks employee activity on company databases to identify suspicious activity or changes in behavior that may indicate a threat.

  3. Cybersecurity Competition Boosts Student Interest in STEM Careers. From Navy.mil. The fourth annual Palmetto Cyber Defense Competition (PCDC), hosted by Space and Naval Warfare Systems Center (SSC) Atlantic in collaboration with the South Carolina Lowcountry Chapter of AFCEA, was held April 9-11 at Trident Technical College in North Charleston, South Carolina.
  4. OneSecure Acquired By EvvoLabs, Rebrands As EVVO Cybersecurity. From ChiefIT.me. OneSecure Asia has announced that it has been acquired by EVVO Labs, a provider of innovative cloud, mobile and media solutions, and will be renamed EVVO Cybersecurity. Customers of both companies will be able to experience a wider range of security solutions as well as services offered by EVVO Cybersecurity.
  5. Vast Majority Of Tested Applications Have At Least One Vulnerability: Cyber Security ReportFrom Canadian Underwriter. Cyber criminals are increasingly making use of malware-as-a-service, an issue of concern given that 97% of applications tested by Trustwave in 2015 had at least one vulnerability, note findings from the 2016 Trustwave Global Security Report.