https://nakedsecurity.sophos.com/2017/07/31/monday-review-the-hot-32-stories-of-the-week-3/
Month: July 2017
Verticals Vary Widely When it Comes to Prioritizing Cyber
Clearly, the perceived threat of cyber attacks varies across industry verticals, but the actual threat level does not differ greatly. Most, if not all, verticals have data worthy of a cyber attack and are, therefore, targeted on a regular basis. Due diligence should be universal across the spectrum of industry verticals.
https://www.infosecurity-magazine.com/news/verticals-vary-widely-prioritizing/
Adobe Announces Flash Distribution and Updates to End
No one can say that they did not know this was coming, but I must admit I am excited that the light at the end of the tunnel is visible. We are getting closer to a day when this patch management nightmare will be over. Rest in peace, Adobe Flash... as soon as possible.
https://webkit.org/blog/7839/adobe-announces-flash-distribution-and-updates-to-end/
Russia Passes Bill Banning Tor, VPNs
I am not a Libertarian. I am not a proponent of an absolute freedom of speech. I believe that certain forms of censorship are necessary to keep the peace and maintain the rule of law and the function of society. The current situation in Russia and the laws being passed are not this type of censorship. Many would refer to these laws as a veiled attempt to suppress opposition to government power. They would be wrong. There is nothing being veiled. This is a blatant, obvious attack against the people of Russia in the name of absolute government rule.
We should all be offended. We should be appalled. We should defend against these laws with all our might. Evil can and will spread and no one and no nation is immune.
https://www.infosecurity-magazine.com/news/russia-passes-bill-banning-tor-vpns/
Data Breaches Are Up 29 Percent Over Last Year
These statistics are very sobering.
https://blog.knowbe4.com/data-breaches-are-up-29-percent-over-last-year
Sophos Weekly Recap
Oracle Releases Biggest Update Ever: 308 Vulnerabilities Patched
Please review your Oracle implementations and patch accordingly.
https://threatpost.com/oracle-releases-biggest-update-ever-308-vulnerabilities-patched/126910/
Free Certs Come With a Cost
Let’s Encrypt certainly presents an interesting challenge. I have personally sung the praises of this project from its inception because I do believe the world needs a cost-effective solution for site encryption/certificates. That said, abuses of this system were to be expected. I believe it is time for the IT security community to rally around this project and provide support toward an oversight solution that can limit these abuses and maintain this valuable resource for the world at large.
Sophos News Briefs and Weekly Recap
Playing a little catch-up after being out of the office for a few days, so enjoy these recaps from the past week.
https://nakedsecurity.sophos.com/2017/07/17/monday-review-the-hot-25-stories-of-the-week-17/
The Costs of Three Major Email Security Breaches
This is an interesting read with a sound financial perspective for an email-related breach. Enjoy.