Too busy working all week to keep up with the most interesting stories coming out of the technology and security industries? Below are our recommendations for a roundup of the top stories happening now that you need to know. 1. Russian hackers 'target' presidential candidate Macron Russian hackers are targeting the campaign of French presidential candidate Emmanuel Macron, security experts say. Read more…
This week BOHH Labs CTO, Ken Hawkins, attended the 2017 Atlanta Fraud & Breach Prevention Summit. Below he offers insight on the event.
Who Was the Most Interesting Speaker You Heard? One of the most interesting talks was given by Bryce Austin, the former Program Manager and Technology Lead for Target during the infamous November 2013 breach. He offered more insight surrounding the attack that compromised millions of its customers’ credit card and debit card accounts. Due to the volume of people affected, you would have thought it was a highly-sophisticated attack. In fact, all it took was changing one line to the source code in the payment processing system and voilà. It is quite eye opening that all it takes for 70 million people to have their credentials stolen is the result of a single code tweak and weak network security. What Was your Main Take Away on the Event? The main takeaway for me is two-fold. 1. Cyberattacks when they happen are still often related to malicious code that has more than likely been on a system for some time. That said, any updates to network traffic monitoring more than likely will never see the attack coming no matter how often those systems or services are updated. The Target breach is a prime example because when it happened it was a flood of traffic that Target was unprepared to stop once it started. 2. We still have a long way to go in the industry before making progress in tackling cybersecurity attacks. So much of the conversation is focused on early detection and bracing for and minimizing the impact of the next imminent attack. The metaphor of an M&M is used to mean hardened outer shell (network access) with a soft inner center (your network). Too much emphasis today is still being put on detecting network traffic and not dealing with hardening the systems internally. Moving forward there needs to be more focus on securing data, access to said data from within as well as outside access and looking at securing the actual tools inside the network and not just monitoring for unusual activity. To learn more about the 2017 Atlanta Fraud & Breach Prevention Summit or to hear more on all of the speakers click here.
Too busy working all week to keep up with the most interesting stories coming out of the technology and security industries? Below are our recommendations for a roundup of the top stories happening now that you need to know. 1. Hacker Documents Show NSA Tools for Breaching Global Money Transfer System The Shadow Brokers released documents and files indicating NSA had accessed the SWIFT money-transfer system through service providers in the Middle East and Latin America. Read more…
3. Half of all UK businesses experienced a cyberattack in the last year Some 46% of all UK businesses identified at least one cybersecurity breach or attack in the past year, according to a new report from the UK Department for Culture, Media and Sport. That number rises to 66% among medium-sized firms, and 68% among large firms, the report found. Read more…
Too busy working all week to keep up with the most interesting stories coming out of the technology and security industries? Below are our recommendations for a roundup of the top stories happening now that you need to know. 1. Incredible Shrinking Bank Populations The number of U.S. banks has fallen by 24% since the end of 2010, a result of mergers, failures and a dearth of de novo activity. Read more…
Too busy working all week to keep up with the most interesting stories coming out of the technology and security industries? Below are our recommendations for a roundup of the top stories happening now that you need to know. 1. Scottrade Bank data breach exposes 20,000 customer records Scottrade Bank recently secured a MSSQL database containing sensitive information on at least 20,000 customers that was inadvertently left exposed to the public. Read more… 2. China-Based Threat Actor APT10 Ramps Up Cyber Espionage Activity An unknown number of managed service providers and their customers are victims of a massive, global cyber espionage campaign by a China-based threat actor that this week was also fingered in another attack against a U.S. group involved in lobbying around foreign trade policy. Read more…
3. Finicity first to ink data exchange deal with Wells Fargo Wells Fargo and data aggregation provider Finicity have signed a deal that provides an API-based method for sharing Wells Fargo customer information with the financial apps and services that Finicity supports. Read more…
