Google stored some passwords in plain text for 14 years

This is an interesting admission by the team at Google.  Though they have not confirmed the number of affected enterprise customers, I know of at least one local organization that was contacted by Google concerning this unintentional data leak.  Fortunately, that organization had ceased using the service some time ago.

It does appear that Google has remediated the problem.  That said, any potentially affected organization should address password reuse and other related opportunities to mitigate the risk.
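The security-relevant point in this story is the difference between keeping a password itself and keeping only a salted, slow hash of it, and what "address password reuse" means once a plain-text copy has been exposed.  The following is an added example, not Google's code or anything from the article: a small in-memory credential store (names such as CredentialStore and force_reset are my own) that stores a per-user salt plus a PBKDF2-HMAC-SHA256 digest, verifies logins in constant time, and, as the breach-response step, forces a reset that refuses the exposed password.  The iteration count is an assumed work factor.

```python
import hashlib
import hmac
import os

# Added example, not Google's code: a minimal credential store that keeps a
# salted PBKDF2 hash instead of the plain-text password, plus the reset step a
# breach response needs (rotate the credential, refuse the exposed value).

SALT_LEN = 16
ITERATIONS = 100_000  # assumed work factor; raise it to what your hardware tolerates


def hash_password(password, salt=None):
    """Return salt || PBKDF2-HMAC-SHA256(password). A fresh salt per record means
    two users with the same password still get different stored values."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt + digest


def verify_password(password, stored):
    """Recompute the hash with the record's own salt; constant-time compare."""
    salt, digest = stored[:SALT_LEN], stored[SALT_LEN:]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


class CredentialStore:
    """In-memory stand-in for a user database; only salted hashes are stored."""

    def __init__(self):
        self._records = {}

    def set_password(self, user, password):
        self._records[user] = hash_password(password)

    def check(self, user, password):
        stored = self._records.get(user)
        return stored is not None and verify_password(password, stored)

    def stored_value(self, user):
        return self._records[user]

    def force_reset(self, user, new_password):
        """Breach remediation: require a new credential and refuse the value that
        was exposed. The old hash is the only thing needed to detect the reuse."""
        if verify_password(new_password, self._records[user]):
            return False
        self.set_password(user, new_password)
        return True


if __name__ == "__main__":
    store = CredentialStore()
    store.set_password("alice", "correct horse")
    print("login ok:", store.check("alice", "correct horse"))
    print("reset refused (same password):", not store.force_reset("alice", "correct horse"))
    print("reset accepted:", store.force_reset("alice", "battery staple"))
```

Two details matter for the incident described above: because each record carries its own random salt, a database dump does not reveal which users share a password, and the reset check needs only the stored hash, so an organization can enforce "do not keep using the exposed password" without ever holding the plain-text value itself.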

https://nakedsecurity.sophos.com/2019/05/23/google-stored-some-passwords-in-plain-text-for-14-years/

The city of Baltimore is being held hostage by ransomware

This has been ongoing for some time.  This article provides a good overview of the plight facing the city of Baltimore.  At the end of the day, the situation boils down to a cost-benefit analysis weighing the downtime associated with the ransomware attack against the cost of the bitcoin ransom itself.  Then there is the added layer of whether it is prudent or legally advisable to pay a ransom of this type.

In these situations, it is important to remember the layers of protection needed to mitigate these types of attacks against any organization.  You should have a strong, flexible endpoint protection solution in place capable of detecting a ransomware infection and stopping its spread.  You should also have a sound backup and recovery solution in place with a frequent RPO (recovery point objective) and a very short RTO (recovery time objective).
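To make the RPO/RTO advice concrete, here is an added example that is not part of the article: a small Python check that evaluates a backup schedule against a ransomware incident.  The timeline, snapshot times, and objectives are constructed values of my own, and the function assumes the restore begins the moment systems are isolated.  The one ransomware-specific twist it handles is that snapshots captured after encryption began are tainted and must not be counted as restore points, which is why the achieved data-loss window can be much larger than the snapshot interval.

```python
from datetime import datetime, timedelta

# Added example, not from the article: check a backup schedule against an
# RPO/RTO policy for a ransomware incident. Snapshots taken after encryption
# began are treated as tainted and excluded from the restore candidates.

# Constructed timeline (illustrative): nightly 02:00 snapshots plus two
# intra-day snapshots captured after the infection started.
SNAPSHOTS = [
    datetime(2019, 5, 5, 2, 0),
    datetime(2019, 5, 6, 2, 0),
    datetime(2019, 5, 7, 2, 0),
    datetime(2019, 5, 7, 4, 0),   # taken after infection began: tainted
    datetime(2019, 5, 7, 6, 0),   # taken after infection began: tainted
]
INFECTION_START = datetime(2019, 5, 7, 3, 30)   # first sign of encryption (assumed, from forensics)
DETECTION_TIME = datetime(2019, 5, 7, 9, 0)     # systems isolated, restore begins
RESTORE_DURATION = timedelta(hours=6)           # assumed measured time to rebuild from backup
RPO = timedelta(hours=24)                       # policy: at most one day of data loss
RTO = timedelta(hours=4)                        # policy: at most four hours of downtime


def last_clean_snapshot(snapshots, infection_start):
    """Newest snapshot that predates the infection; None if every copy is tainted."""
    clean = [s for s in snapshots if s < infection_start]
    return max(clean) if clean else None


def evaluate_recovery(snapshots, infection_start, detection_time, restore_duration, rpo, rto):
    """Return the achieved data-loss window and downtime against the objectives."""
    restore_point = last_clean_snapshot(snapshots, infection_start)
    if restore_point is None:
        return {"restorable": False}
    # Everything written after the last clean copy, up to the moment systems
    # were taken offline, is lost: that is the data-loss window the RPO bounds.
    data_loss = detection_time - restore_point
    # Downtime runs from isolation until service is restored; the RTO bounds it.
    downtime = restore_duration
    return {
        "restorable": True,
        "restore_point": restore_point.isoformat(),
        "data_loss_hours": data_loss.total_seconds() / 3600,
        "meets_rpo": data_loss <= rpo,
        "downtime_hours": downtime.total_seconds() / 3600,
        "meets_rto": downtime <= rto,
    }


def demo():
    """Evaluate the constructed timeline above."""
    return evaluate_recovery(SNAPSHOTS, INFECTION_START, DETECTION_TIME,
                             RESTORE_DURATION, RPO, RTO)


def demo_all_tainted():
    """Only post-infection snapshots exist: there is nothing clean to restore from."""
    return evaluate_recovery(SNAPSHOTS[3:], INFECTION_START, DETECTION_TIME,
                             RESTORE_DURATION, RPO, RTO)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

On the constructed timeline the last clean copy is the 02:00 snapshot, so seven hours of work are lost (inside the 24-hour RPO), but a six-hour rebuild misses the four-hour RTO; the second scenario shows why retention must reach further back than the infection, not just the detection.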

Learn from this situation in Baltimore and prepare!

https://nakedsecurity.sophos.com/2019/05/23/the-city-of-baltimore-is-being-held-hostage-by-ransomware/

New Bill Proposes Cybersecurity Training for U.S. House Members

[Image: US_Capitol_west_side. Photo Source: Wikipedia]

Don’t get me wrong.  I am excited and encouraged to know that certain members of the House recognized the need for cybersecurity awareness training for everyone in Congress and presented this legislation.  But I must admit that I am a bit sad and discouraged that it will take a literal act of Congress to force our government to train and prepare itself for these types of threats.

As the article mentions, this move is quite a few years late in terms of a best practices approach to cybersecurity.  Let’s hope it passes and our government can take another small step forward in the fight against cyber crime.  Let’s also hope that all other branches of our government see the value of this training and follow suit!

https://www.securityweek.com/new-bill-proposes-cybersecurity-training-us-house-members

Microsoft Confirms Intent To Replace Windows 10 Passwords For 800 Million Users

Our ability to securely move beyond passwords as the singular trusted authentication mechanism has been here for some time, but the concept and related technology have lacked traction.  I am excited to see Microsoft continue to endorse and partner with the FIDO Alliance to bring forward secure, alternative authentication options to the masses.

Please remember that even the best Microsoft Hello option is still often a single authentication factor.  For sensitive system access, multi-factor authentication is still the safest, most effective approach to authentication.

https://www.forbes.com/sites/daveywinder/2019/05/11/microsoft-confirms-intent-to-replace-windows-10-passwords-for-800-million-users/#6c2d97324a83

Verizon Data Breach Report: Espionage, C-Suite and Cloud Attacks on the Rise

If you are in any way associated with or responsible for the IT and/or cybersecurity of your organization, then you need to read this report.  Verizon’s annual report provides a wealth of both valuable and actionable information in terms of what is happening in the world of IT security incidents and breaches and where our efforts as IT security professionals should be focused.  Please read the report and these related recaps.

Also, a couple of tidbits of interest from the report summary:

#1 Threat Action associated with a breach – Phishing

71% of all breaches were financially motivated

69% of all threats are still external

https://enterprise.verizon.com/resources/reports/dbir/

https://threatpost.com/verizon-dbir-espionage-c-suite-cloud/144486/

https://www.tripwire.com/state-of-security/security-data-protection/highlights-from-verizon-dbir-2019/