El Diario del CISO El Diario del CISO (The CISO Journal) Edición 7 | Page 6

News0 EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader International InfoSec & Cybersecurity News Cost of telecommunications fraud estimated at €29 billion a year - Help Net Security Europol: Telecoms Fraud Costs €29bn Annually - Infosecurity Magazine The reduced cost and increased availability of hacking equipment means telecommunications fraud is on the rise, estimated to be €29 billion a year. Telecoms fraud costs the industry and end customers over €29bn ($33bn) each year, according to a new report from Europol and Trend Micro. 2019 may be a record year for enterprise breaches, but secure collaboration tools could help 61% of CIOs believe employees leak data maliciously A network is only as strong as its weakest shard Algorithms can now find bugs in computer chips before they are made ASUS confirms server compromise, releases fixed Live Update tool Attackers are exploiting IMAP to bypass MFA on Office 365, G Suite accounts Attackers compromised ASUS to deliver backdoored software updates Average DDoS attack sizes decrease 85% due to FBI's shutdown of DDoS-for-hire websites Breaking the cybersecurity stalemate by investing in people Build-time security: Block risk and security issues from production rings Businesses have cybersecurity best practice guidelines but fail in practice CEOs more likely to receive pay rise after a cyber attack. Wait, what? CFOs and CIOs must collaborate on digital transformation to remain competitive Consumers willing to dump apps that collect private data, but can't tell which are doing so Cyber preparedness essential to protect EU from large scale cyber attacks Cybercriminals are increasingly using encryption to conceal and launch attacks Denial of Service vulnerability discovered in Triconex TriStation Software Suite Emulator Does siloed data negatively impact your organization? Employee cybersecurity essentials part 1: Passwords and phishing Encrypted attacks growing steadily, cybercriminals are increasingly targeting non- standard ports Experts to help boards tackle cybersecurity threats Fewer than 28% of gov.uk using DMARC effectively in line with guidelines Guilty by association: The reality of online retail third-party data leaks How the Google and Facebook outages could impact application security How to build an effective vulnerability management program Latest tactics used by cybercriminals to bypass traditional email security Less than 20% of IT pros have complete access to critical data in public clouds Meet the new generation of white hats Mirai variant picks up new tricks, expands list of targeted devices Most companies help employees cover costs to obtain professional certifications Most IT and security professionals feel vulnerable to insider threats Nearly half of organizations lack the necessary talent to maintain security measures New blockchain system uses reputation to fend off 51 percent attacks Norsk Hydro cyber attack: What happened? Norsk Hydro cyber attack: What's new? Secure workloads without slowing down your DevOps flows Security fatigue leads many to distrust personal data protection, can you blame them? Security remains a top concern for IoT executives, but small fixes can shore up ecosystem resilience Serverless, shadow APIs and Denial of Wallet attacks SMBs willing to invest more to protect their businesses Tax season scaries: How to keep your data safe from insider threats The art of securing ERP applications: Protecting your critical business processes The modern threat landscape and expanding CISO challenges The privacy risks of pre-installed software on Android devices The ransomware attack cost Norsk Hydro $40 million so far Third-party cyber risk management is a burden on human and financial resources Unsurprisingly, only 14% of companies are compliant with CCPA Weighing the options: The role of cyber insurance in ransomware attacks What worries you the most when responding to a cybersecurity incident? Worldwide spending on security solutions expected to continue growing You may trust your users, but can you trust their files? IoT – Your security Nightmare - cso.com.au Cyber ecosystem helping Australian security startups focus more on partnerships than quick acquisition Aluminium Giant Norsk Hydro Suffers Major Cyber-Attack Apple, Microsoft Top Orgs Used in Spear Phishing Attacks Target AmEx, Netflix Users with Phishing Competitors Flout Rules in a Digital Cold War Cyber Expert Hosts ‘Savvy Cyber Kids’ Talk in MA DLA Piper Set to Sue Insurer Over NotPetya Claim: Report Hackers Queue Up to Exploit WinRAR Bug Half of Global Firms Concerned Over Security Skills Gaps Intel Microchip Intercepts Signals, Reads Memory IT Security Pros Slam State-Backed Encryption Backdoors Magento Warns E-Commerce of SQL Injection Risk Medtronic Flaws Could Let Hackers Control Devices Most UK Retailers See Increase in Cyber-Attacks Nation-States Have Right to Hack Back, Survey Says NCSC Backs New Group to Help Boards’ Cyber Risk Efforts. New EU Protocol Preps for X Border Cyber Attacks New Variant of AZORult Trojan Written in C++ Norsk Hydro Admits Ransomware Costs May Have Hit $41m Only 28% of Gov.uk Domains Support DMARC Orgs Grapple with Pros and Cons of Remote Workers Over One Million Asus Users Backdoored in Sophisticated APT Polish Regulator Issues First GDPR Fine Privacy in Digital World Is Impossible, Survey Says Researchers Raise Privacy Alarm Over Medicine Apps Russian State Hackers Phish Euro Governments Ahead of Elections Skills Shortages Are Exposing Business to Cyber Risk Tech Duo Stung for $122m by BEC Attacker Telecom Fraud Scams on the Rise There’s No Day Off for Cybersecurity Professionals Toyota Japan Hacked, Vietnam Office Suspects Breach UK E-commerce Fraud Soars 27% in 2018 UK Police Federation Hit by Ransomware US Government Leaks PII of Over Two Million Disaster Survivors Why Cybersecurity Planning Should be an Integral part of the Marketing Function Zero-Day WordPress Plugin Exploited in the Wild Asus releases fix for supply chain cyber attack Asus has released a fix for a supply chain attack and downplayed the impact on customers while promising to contact all those affected as incident highlights code signing vulnerabilities Build in trust, experts advise cyber innovators Cyber attacks targeting industrial control systems on the rise EU law enforcement agencies prepare for major cyber attacks Firms urged to protect against spear phishing Geopolitical issues affecting cyber security Infosec pros slam government-mandated backdoors More than half of EU firms report cyber attack losses Norsk Hydro cyber attack cost estimates up to $41m Norwegian aluminium producer hit by ‘extensive’ cyber attack Police make 61 arrests in global crackdown on dark web Security Think Tank: Enable outcomes-based security in software development Security Think Tank: Monitoring key to outcomes-based security UK Finance 2018 Fraud Statistics | Information Security Buzz Rise In DDoS Attack Size