Week in review: The OT/ICS landscape for cyber professionals, putting the Sec into DevSecOps

Here’s an overview of some of last week’s most interesting news:

How to allocate budget for a well-rounded cybersecurity portfolio
What should a well-rounded cybersecurity portfolio look like?

Android devices with pre-installed malware sold in developing markets
New low-end Android smartphone devices being sold to consumers in developing markets, many of whom are coming online for the first time, contain pre-installed malware, according to Upstream.

An overview of the OT/ICS landscape for cyber professionals
Most cyber security professionals take for granted the information technology or IT nature of their work. That is, when designing cyber protections for some target infrastructure, it is generally presumed that protections are required for software running on computers and networks. The problem is that not everything is software that CPUs control.

Rules automation puts the “Sec” in DevSecOps
DevOps is optimized for a world of constant change, while security still views change as a threat. This friction leaves organizations with two undesirable choices: slow down continuous delivery so security can do its work, or just keep pushing out changes and let the security team figure things out on their own.

Gargoyle: Innovative solution for preventing insider attacks
A group of researchers from UNSW Sydney, Macquarie University, and Purdue University has released a paper on a new and very promising network-based solution for preventing insider attacks.

Want to avoid GDPR fines? Adjust your IT procurement methods
Gartner said many organizations are still not compliant with GDPR legislation even though it has been in force since May 2018. This is because they have not properly audited data handling within their supplier relationships. Sourcing and vendor management (SVM) leaders should, therefore, review all IT contracts to minimise potential financial and reputation risks.

Sumo Logic: What can you learn from our approach to GDPR?
Sumo Logic was founded in 2010 by experts in log management, scalable systems, big data, and security. Today, their purpose-built, cloud-native service analyzes more than 100 petabytes of data, more than 16 million searches, and delivers 10s of millions of insights daily – positioning Sumo among the most powerful machine data analytics services in the world. In this podcast, George Gerchow, CSO with Sumo Logic, talks about their approach to GDPR.

Innovation in healthcare: A hacker’s dream and CISO’s nightmare?
It’s hard not to be excited about artificial intelligence and machine learning in pure technology terms, but applying these innovations to the healthcare sector has the potential to do truly great things for humanity.

Fitness app Polar Flow reveals home addresses of soldiers, spies
Polar Flow can reveal sensitive information about the lives of users, including intelligence agents, embassy workers, military men and women, workers at nuclear weapons storage sites, and so on.

German web hosting firm DomainFactory suffers data breach
The breach dates back to January 29, 2018, and the attacker had access to the following data: customer name, company name, customer number, address, email address, telephone number, DomainFactory phone password, date of birth, bank name and account number, and Schufa score (German credit score).

Is Windows ShimCache a threat hunting goldmine?
How to leverage a computer’s Windows Application Compatibility Cache, a.k.a. ShimCache, and the benefits in doing so, given the wealth of information that can be stored within such a small cabinet of the Windows OS.

WP Security Audit Log: Keeping a watchful eye on your WordPress sites
One way to prevent a compromise before it happens or spotting it as soon as it happens is to use a WordPress activity log plugin solution such as the WP Security Audit Log plugin.

42% of organizations globally hit by cryptomining attacks
Cybercriminals are aggressively targeting organizations using cryptomining malware to develop illegal revenue streams.

Threats financial organizations will face in 2019
What type of threats will financial services and banking organizations face in 2019? According to IntSights Cyber Intelligence, they should be prepared for breaches effected through compromise of established vendor software or SaaS products, and vulnerable third-party, open source software implemented in the applications they use.

Infosec and the future: Dr. Giovanni Vigna on lessons learned over 25 years
When I asked Dr. Giovanni Vigna what are some of the most important lessons he has learned during the 25+ years he spent working in computer security, his answer was simple: always learn by doing and always innovate.

Access to airport’s security system sold on dark web
Leveraging compromised RDP credentials is one of the easiest ways attackers can break into company networks and systems. Unfortunately for all of us, there are a lot of vendors on underground hacker markets that sell those credentials for a laughably small amount of money.

Ransomware back in big way, 181.5 million attacks since January
The malware boom of 2017 has shown no signs of stopping through the first half of 2018.

Ticketmaster breach part of massive credit card skimming campaign
RiskIQ researchers have discovered that the recent breach of Ticketmaster was not a one-off event as initially reported, but part of a massive digital credit card-skimming campaign by the threat group Magecart affecting over 800 e-commerce sites around the world.

Apple releases security updates, adds new privacy protection for iOS users
Apple has released new versions of its many operating systems and software products, with fixes for a wide variety of vulnerabilities. The iOS update also comes with USB Restricted Mode, a new security feature that will protect users’ iPhones and iPads from being accessed by law enforcement with software cracking tools like GrayKey.

Businesses collect more data than they can handle, only half know where sensitive data is stored
With pressure to ensure consumer data is protected mounting, Gemalto today released the results of a global study which reveals that 65% are unable to analyze all the data they collect and only 54% of companies know where all of their sensitive data is stored.

More about

Don't miss