Waratek

Companies aren’t the only groups that struggle with #patching critical #CVEs within 30 days. Why wait days when you can patch in minutes?https://www.gao.gov/products/GAO-20-133?utm_campaign=wp_the_cybersecurity_202&utm_content=daybook&utm_medium=email&utm_source=newsletter&wpisrc=nl_cybersecurity202#summary …

“None of this ever shows up on a #vulnerabilityscanner.” The back story to the recent Cisco #patches.https://www.cyberscoop.com/shmoocon-cisco-0-days-ken-pyle/ …

National Institute of Standards and Technology (#NIST) is asking for comments on the latest #ransomware guidance.https://www.bankinfosecurity.com/nist-drafts-guidelines-for-coping-ransomware-a-13679?rf=2020-02-04_ENEWS_SUB_BIS__Slot1_ART13679&mkt_tok=eyJpIjoiWVRsbU5HRTBaRGN5TUdJdyIsInQiOiJcL3FUZzlSQ0t3RFZDQlZrNzM5ckQ2RU9RYkZDekJPemhUemRKTHI2VFZJVUNkamZaYkh1a1JORkF5bHA2NTdwS0xqMEhiZkZqXC9samRucjkxeHlcL1RRZFZURzcrSkw3UjZQYWl4djBOQkZcL3NqYlA5S2ZOMktWNlZTUDErWDMxSmxvXC9JNkY0bWVhdnZMbmU2SGNKOTRzZz09In0%3D …

Accenture’s latest #cybersecurity report: Most companies protect 60% of their environment, but 40% of #breaches & #cyberattacks occur in the unprotected areas. https://www.businesswire.com/news/home/20200203005070/en/17-Organizations-Globally-Considered- …“Leaders”-Cyber-Resilience

It appears that locking up industrial controls is moving from Nation-State attacks to criminal #cyberattacks for profit. That’s a dangerous #cybersecurity trend.https://www.wired.com/story/ekans-ransomware-industrial-control-systems/?utm_campaign=wp_the_cybersecurity_202&utm_medium=email&utm_source=newsletter&wpisrc=nl_cybersecurity202 …

Forrester & MIT look at who needs a #CISO and their role. Hint: Every business & high on the org chart.https://www.technologyreview.com/s/615092/cybersecurity-in-2020-the-rise-of-the-ciso/ …

Stats of the Day: 13% of #ransomware attacks exploited unpatched #CVEs while average payments doubled to $84K in Q4. Need to patch faster?https://www.bankinfosecurity.com/ryuk-sodinokibi-surge-as-ransom-payments-double-a-13654 …

A new #RCE remote command execution CVE impacts #Linux. Does it impact you?https://www.zdnet.com/article/rce-in-opensmtpd-library-impacts-bsd-and-linux-distros/?ftag=TRE-03-10aaa6b&bhid=28772481217630576545847839755323 …

The number of US #databreaches increased 17% in 2019...and #cyberattacks (or #cybersecurity failures) were the most common cause.https://www.idtheftcenter.org/2019-data-breaches/ …

Still not fixed. Maybe the third time’s the charm. #cybersecurity #patcheshttps://www.wired.com/story/intel-zombieload-third-patch-speculative-execution/?utm_campaign=wp_the_cybersecurity_202&utm_medium=email&utm_source=newsletter&wpisrc=nl_cybersecurity202 …

The average ransomware payment has jumped 3x in nine months in the US - in part due to #cyberinsurance paying the demands. Now, premium payments are going up, too.https://www.reuters.com/article/us-ransomware-insurance/insurers-look-to-curb-ransomware-exposure-as-u-s-cyber-rates-rise-idUSKBN1ZL1J2?utm_campaign=the_cybersecurity_202&utm_medium=Email&utm_source=Newsletter&wpisrc=nl_cybersecurity202&wpmm=1 …

All the fancy #cybersecurity tools and boxes with blinky lights still can't fix humans doing dumb things.https://www.computerweekly.com/news/252477228/End-user-security-ignorance-laid-bare-in-new-report …

Got Cisco in your racks? There's a new 9.8 #CVE that you may need to #patch.https://www.zdnet.com/article/cisco-patch-this-critical-firewall-bug-in-firepower-management-center/?ftag=TRE-03-10aaa6b&bhid=28772481217630576545847839755323 …

Virtual Runtime Patches can fix known #CVEs in minutes, not months, to help avoid #cyberattacks and #databreaches.https://www.bankinfosecurity.com/mitsubishi-electric-blames-anti-virus-bug-for-data-breach-a-13628?rf=2020-01-22_ENEWS_SUB_BIS__Slot6_ART13628&mkt_tok=eyJpIjoiT0RWbVlUZGpZamhrTnpZNCIsInQiOiJDZ0FmeXFiUURmWjNlaEVsUGZBMG94cThrUHVTM3A0RXNWZ0NBQ2RqZlhXQUxuZldlY3pOcVoxYlwvNEQyWndcL0tkYURBTTZpXC9Tc2NwWGdFVElqWnpDVEVQbDNFWVVpTFpYSTByaU1QT2t1bW9JZ25VVkdcL2d2d09iNTRWSHNjTENxZlF3M21JdDZpMExTeW5WTjJZY0ZBPT0ifQ%3D%3D …

”...the file was named "Sales_Quotation_SQUO00001760.img," and once opened, it would extract an executable containing NetWire.” #cybersecurity #BEC #cyberattackshttps://www.zdnet.com/article/in-new-enterprise-attack-wave-netwire-rat-trojan-buries-itself-in-image-files/?ftag=TRE-03-10aaa6b&bhid=28772481217630576545847839755323 …

"The @SANS survey showed that rapid movement of corporate services and business applications to #cloud -based technology is the biggest factor causing breakage in existing security architectures...”https://finance.yahoo.com/news/cloud-usage-drives-cybersecurity-spending-141500325.html …

There have been 160K+ #databreaches reported under the #GDPR, but the biggest fines so far have been for #cybersecurity failures - like not #patching known code flaws.…https://securityboulevard-com.cdn.ampproject.org/c/s/securityboulevard.com/2020/01/gdpr-regulators-have-imposed-126m-in-fines-thus-far-finds-survey/amp/ …