One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 756750 |
| Date de publication | 2018-07-27 13:00:00 (vue: 2018-07-27 16:02:55) |
| Titre | Things I Hearted this Week, 27th July 2018 |
| Texte |
Welcome to your weekly security roundup, providing you all with the security news you deserve, but maybe might not need.
As always, these news stories are human-curated by me - no fancy algorithms, no machine learning, and definitely no trending topics here.
We are less than two weeks away from Blackhat in sunny Las Vegas. We’ll be there - pop along to booth 528 and say hello if you’re there.
Google: Security Keys Neutralized Employee Phishing
Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes.
Google: Security Keys Neutralized Employee Phishing | Krebs on Security
While we’re on the topic of phishing, attackers used phishing emails to break into a Virginia bank twice in eight months, making off with more than $2.4 million in total. Now the bank is suing its cybersecurity insurance provider for refusing to fully cover the loss.
Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M | Krebs on Security
We’re probably going to see more of this kind of back and forth as companies that have taken out cyber insurance and suffered a breach fight with their insurers over liability and who will cover the cost.
Somewhat related:
Scam of the week, another new CEO fraud phishing wrinkle | KnowBe4
Breaking the Chain
Supply chain and third party risks are getting better understood, but understanding a risk doesn’t necessarily mean it will reduce the risk.
Tesla, VW, and dozens of other car manufacturers had their sensitive information exposed due to a weak security link in their supply chains.
Tesla, VW data was left exposed by supply chain vendor Level One Robotics | SC Magazine
SIM Swap - A Victim’s Perspective
This is a really good write-up by AntiSocial engineer taking a look at how SIM swap fraud can impact victims, and why mobile phone operators need to do more to prevent this kind of fraud.
“It’s an all too common story, the signal bars disappear from your mobile phone, you ring the phone number – it rings, but it’s not your phone ringing. Chaos ensues. You’re now getting password reset emails from Facebook and Google. You try to login to your bank but your password fails. Soon enough the emails stop coming as attackers reset your account passwords. You have just become the newest victim of SIM Swap Fraud and your phone number is now at the control of an unknown person.”
SIM Swap Fraud - a victim’s perspective | AntiSocial Engineer
EU Fails to Regulate IoT Security
In this week’s head-scratching moment of “what were they thinking?”, the European Commission has rejected consumer groups' calls for mandatory security for consumer internet-connected devices because they believe voluntar |
| Envoyé | Oui |
| Condensat | $1m $920 “it’s “what ‘n what 000 000+ 2017 2018 27th 400 528 750 a victim’s account accounts adequate after algorithms all along always another antisocial any apparently april are aren’t articles attackers away back bag bank bargained bars bbc because become began believe better beuc blackhat bleeping blow booth boss botnet branch breach breached breaches breaching break breaking but calls came camera can car ceo chain chains chaos codes coming commission common companies computer connected consumer control corresponding cost costs could cover cue curated cyber cybersecurity data decade definitely deserve devices directly disappear doesn’t dozens due early eight emails employee employees engineer enough ensues ensure european exposed facebook fails fancy fight forth found fraud from fully gdpr getting going good google google: great groups' hack hackers hacking group had happen has have have quadrupled head hearted hello here hide hijacked home homes hospital how human ico impact important in a inc information infosecurity insurance interesting internet iot it’s its july june just keys kind knowbe4 known krebs las learning least left less level liability link login look loss lost lot machine magazine makes making mandatory manufacturers maybe mean medium might million mobile moment money moneytaker months more most necessarily need network neutralized new newest news nobody not notorious now number of breaches: off one operators other out outdated over parliament party password passwords patient person perspective phished phishing phone physical pir place poole pop prevent probably products provider providing quadrupled randomness really recordings reduce refusing regulate rejected related related: remote reported reports requiring researching reset ring ringing rings risk risks robotics roughly roundup router russia russian say scam scratching security see seek sensitive signal sim since skill smart some somewhat soon speaking spent steal stole stolen stop stored stories story successfully suffered suing sunny supply swann's swap taken taking targets taught tesla than their insurers these things thinking third time too topic topics total trending try twice two under understanding understood unknown use used vegas vendor victim victim’s victims virginia voluntary we’ll we’re weak week week’s weekly weeks welcome well what what’s when which who why will work worst wrinkle write you’re you’re there your |
| Tags | Data Breach Hack |
| Stories | Tesla |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.