Weekly Cyber Security News 22/11/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Leaky bucket time once again. With so much effort by the providers to make it as hard as possible to accidentally expose data, then for the devs to try really hard to undo all of that because they are too lazy (or lack understanding) to do a proper job, is utterly mystifying. Please, please try and make the effort...


The Importance of Alert Grouping

Alerts are one of the most important information sources when it comes to cyber security. They notify and inform your IT team about ongoing cyber threats, security events and any other incident that might threaten your organization. In this article, we will focus on alert grouping and why it is important for the security of your organization.


Announcing Datadog Security Monitoring

With the growing complexity and velocity of security threats in dynamic, cloud-native environments, it’s more important than ever for security teams to have the same visibility into their infrastructure, network, and applications that developers and operations do. Conversely, as developers and operations become responsible for securing their services, they need their monitoring platform to help surface possible threats.


Why CJIS mobile compliance might be easier than you think

Although we just wrapped up National Cybersecurity Awareness Month in October, security professionals never take a break — because cybercriminals don’t either. That’s especially true for folks who work in law enforcement. Every day they are on the front lines helping to protect the public and solve crimes using Criminal Justice Information (CJI) such as crime reports and fingerprints.


What is chaos engineering and why does it matter?

The big day is finally here. That project your team has been working on for the last six months? It’s launching today. A little giddy with anticipation, the team monitors the deployment process as dashboards click over from red to green. Everything is working perfectly. These are some of the best days to work in the tech world. Through a lot of hard work and persistence, you’ve brought something into the world which wouldn’t have existed otherwise.

Now or never: Your last stand against cyber attacks.

The Global Risks Report 2019 states that cyber attacks are one of the top five risks to global stability. In the cyber world, there are just two categories of people: one category who've realized that they've been attacked and the other category who are yet to realize. In this technology-infused world, anybody can become a hacker with just $1; that's how critical cyber security is.

Secret Keys to the Password Kingdom

Building trust with customers is a must for MSPs. And because of the unique nature of MSPs, it’s not always easy. Your customers aren’t simply giving you administrative access to a few admin accounts—they’re sharing secrets which must be securely managed across all the systems, apps, and users you manage for them. Passwords, SSH keys, licenses, cloud infrastructure logins, and SaaS portal accounts are just the beginning. To solve issues quickly, your technicians can’t waste time locating the credentials needed to resolve issues and make users happy.

Q&A - The Next Generation Data Platform for Financial Crime

An Interview with Dr Richard Harmon, Managing Director, Financial Services, Cloudera Financial Crime is one of the biggest costs for financial institutions with recent research by Refinitiv indicating that global financial services (FS) organisations lost more than $1.4 trillion in 2018. Another Refinitiv report indicates that 97% of FS institutions believe that technology can significantly help with financial crime prevention.


Just 12% of ICS Security Pros Very Sure of Orgs' Ability to Respond to Digital Attacks

Malicious actors are increasingly launching digital attacks against industrial organizations. Many of these campaigns have been successful, particularly those that have targeted energy utilities and manufacturing plants. In late spring 2019, for instance, aircraft parts manufacturer ASCO temporarily suspended operations worldwide after falling victim to a ransomware attack.


What is an Exploit?

An exploit is a piece of software, data or sequence of commands that takes advantage of a vulnerability to cause unintended behavior or to gain unauthorized access to sensitive data. Once vulnerabilities are identified, they are posted on Common Vulnerabilities and Exposures (CVE). CVE is a free vulnerability dictionary designed to improve global cyber security and cyber resilience by creating a standardized identifier for a given vulnerability or exposure.