Here’s an overview of some of last week’s most interesting news, articles and podcasts:
Women in cybersecurity can benefit from taking inventory of their personal apps
Just as new apps get replaced by old ones, we in the security profession must continue to review our personal apps (skills) and upgrade. This might hold particularly true for women, who are urgently needed in greater numbers if the cybersecurity industry is to meaningfully address the longstanding shortage of qualified practitioners.
1.19 billion confidential medical images available on the internet
1.19 billion confidential medical images are now freely available on the internet, according to Greenbone’s research into the security of Picture Archiving and Communication Systems (PACS) servers used by health providers across the world to store images of X-rays as well as CT, MRI and other medical scans.
Hackers helping communities: Leveraging OSINT to find missing persons
People, in general, like helping other people, no matter their degree of connection. And then there are people who go even further: they find a way to help people help people. Robert Sell, the founder and president of Trace Labs, is one of those individuals.
Twitter finally allows users to delete their phone number without disabling 2FA
Twitter users can finally delete their mobile phone number from their account while still being able to use 2FA to additionally secure it.
Review: Foundations of Information Security
Computers have become an essential part of everyday life, but this widespread usage comes with serious risks, especially for organizations. To address the issue, the author, Dr. Jason Andress, an experienced security professional and researcher who has been writing about security for more than 10 years, wrote this very detailed book that guides the reader through the essentials of information security.
Podcast – Malcolm, a new tool for network visibility
Jens Wiesner of the German BSI explores Malcolm, a new (free, open source) tool for OT network visibility, brought to us by the U.S. Idaho National Labs (INL).
Monero Project site compromised, served malware-infected binaries
The official website of the Monero Project has been compromised to serve a malware-infected version of the CLI (command-line interface) wallet.
Study on public cloud performance: AWS, GCP, Azure, Alibaba and IBM Cloud
There are notable network performance and connectivity differences between the five major public cloud providers – Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, Alibaba Cloud and IBM Cloud, ThousandEyes reveals.
Arlo: An open source post-election auditing tool
The Cybersecurity and Infrastructure Security Agency (CISA) is teaming up with election officials and their private sector partners to develop and pilot an open source post-election auditing tool ahead of the 2020 elections.
Managed detection and response: Separating the players from the pretenders
Emerging from the traditional managed security service provider (MSSP) model, Managed Detection and Response (MDR) is an answer to the fact that threat actors have increased their ability to circumvent traditional detection measures.
WhatsApp RCE flaw can be exploited by sending malicious MP4 files
Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as possible.
Google introduces new G Suite security options
Google has introduced new security options for G Suite customers, including Advanced Protection for enterprise users and access control for apps accessing G Suite data.
Redefining security KPIs for 5G service providers
Telco security professionals are missing the mark when understanding their consumers’ priorities, according to KPMG’s recent report. In the wake of a security breach, consumers seek proof that the incident isn’t repeatable, while security executives prioritize apologies.
Healthcare spikes data breach fever, endpoint threat detections grow 60%
The healthcare industry has been overwhelmingly targeted by Trojan malware during the last year, which increased by 82 percent in Q3 2019 over the previous quarter, according to Malwarebytes.
Want to build a successful SOC? Here’s what you need to know
There is no arguing the fact that networks are continually growing in complexity and the cyberattack surface is constantly expanding. A critical step in building a stronger security posture and more robust data protection strategy is a 24×7 facility whose mission is to monitor, detect, investigate and resolve active threats.
California IoT security law: What it means and why it matters
In September, California Governor Jerry Brown signed into law a new bill aimed at regulating the security of IoT devices, and it’s set to go into effect in a few short months on January 1, 2020.
Trusted certificates make phishing websites appear valid
There has been a rampant growth of look-alike domains, which are often used to steal sensitive data from online shoppers.
The way Bluetooth devices ‘talk’ to apps leaves them vulnerable
Mobile apps that work with Bluetooth devices have an inherent design flaw that makes them vulnerable to hacking, a research has found.
Macy’s online store compromised in Magecart-style attack
Android camera apps could be hijacked to spy on users
A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, Checkmarx researchers have discovered.
Template: Assess the performance of your security team
Assessing the performance of your security team is critical to knowing your current posture, as well as planning ahead. The Ultimate 2019 Security Team Assessment Template captures all the KPIs of the security team main pillars, and provides a simple way to measure how teams are operated in 2019, while setting up performance targets for 2020.
Attackers increasingly embrace small-scale DDoS attacks to evade detection
The growth in both large- and small-scale DDoS attacks continues its upward trajectory, according to a report released by Neustar.
Only 11% of organizations can detect intruders in under one minute
The process of detecting, triaging, investigating, and containing a cyber incident takes organizations globally on average nearly seven days of working around the clock (totaling 162 hours), with an average of 31 hours to contain a cybersecurity incident once it has been detected and investigated, a CrowdStrike survey reveals.
New infosec products of the week: November 22, 2019
A rundown of infosec products released last week.