“... It's not about buying the latest cool tech. Security is about fundamentals, plain and simple...” says CISO of Lyft
Saturday, January 20, 2018
Crazy that almost anybody nowadays can do this with very little technical skill required.
“... Alex Bessell, 21 ... was convicted ... police raided his home and found that Bessell had seized remote control of at least 9,083 computers, without their owner's permission, to create a massive botnet...”
Posted by neonprimetime at 7:36 PM
Having 2FA is important on remote portals!
“... gained access to hospital systems by logging in with a third-party vendor's credentials into the Hancock Hospital remote access portal...”
Posted by neonprimetime at 1:59 PM
@lorettodave says “...Today, managers approve access requests, and IT implements them without knowing *why* a user needs access. The approach outlined here would help transfer risk ownership back to data/asset owners (and away from IT/InfoSec)...”
Posted by neonprimetime at 1:54 PM
How confident are you that your termed employees’ accounts are actually disabled?
“... an ex-employee is suspected of viewing data of 52 New York students from Dec. 30 to Jan. 2...”
Posted by neonprimetime at 1:48 PM
Seems like PoS businesses should find ways to be a bit more proactive in hunting for and finding the intrusions instead of getting told about them.
“... Cybercriminals successfully install RAM-scraping malware onto one or more point-of-sale devices ... The breached business discovers the intrusion only after card issuers spot patterns of payment fraud that traced back to their organization...”
Posted by neonprimetime at 1:41 PM
Should the WordPress admin page have been accessible to the world? Should there have been 2FA? Was the password guessable?
“... Cyberattackers used valid login details to access Carphone Warehouse's system through an out-of-date version of content platform Wordpress...”
Posted by neonprimetime at 1:32 PM