Part of looking ahead to 2021 involves budgeting. Forbes has an opinion piece about what an organization should bear in mind as it plans its security spending for the coming year.
Use Recorded Future Express over any web-based SIEM, vulnerability management solution, security blog, and more to put real-time security intelligence at your fingertips. Instantly prioritize alerts, incidents, and vulnerabilities based on real-time risk scores from the world’s largest commercial collection platform. Sign up now at no cost.
According to Reuters, Vietnam is threatening to block Facebook if the social network doesn’t knuckle under to Hanoi’s demands for censorship of local political content.
Prime Minister Johnson has informed Britain’s Parliament of the existence of the National Cyber Force, a new joint command that’s been in operation since April. The National Cyber Force contains elements from both MI6 and GCHQ. Its mission, according to the BBC, includes both disruption of hostile communications networks and the conduct of information operations.
Many reports at week’s end elaborate on Symantec’s account of the way in which the Chinese threat group Cicada, also known as Cloudhopper or Stone Panda, is leveraging the Zerologon vulnerability and using DLL sideloading attacks to collect intelligence on Japanese targets.
Egregor ransomware, the strain that’s been heralded as most likely to take the place of the (for now) retired Maze, has adopted a particularly irritating method of delivering its ransom notes: it spits them out in hard copy from compromised printers. Tripwire’s State of Security has a report, and they include a link to video of a representative print run. It’s a self-proving method of demonstrating compromise.
A new report from Akamai describes an unfamiliar form of extortion with a low barrier to entry: criminals are poisoning companies’ search engine optimization (SEO) results and demanding a payoff in exchange for stopping. The SEO poisoning typically takes the form of injecting bad reviews and negative comments into various online fora, and then linking those comments back to search results.
Today's issue includes events affecting Australia, Canada, China, Israel, Italy, Russia, the United Arab Emirates, the United Kingdom, the United States, and Zimbabwe.
Looking to advance your cybersecurity career? Check out Georgetown University's graduate program in Cybersecurity Risk Management. Ideal for working professionals, our program offers flexible options to take classes online, on campus, or through a combination of both—so you don’t have to interrupt your career to earn your degree. You'll leave the program with the expertise you need to effectively manage risks and navigate today’s increasingly complex cyber threats. Explore the program.