SecureTheVillage — Upcoming Conferences
Los Angeles Cyber Lab Security Summit
Security Summit 2019 … Connecting the Community
Los Angeles Cyber Lab
September 17 – 18
Cybersecure SoCal 2019. Cybersecurity is a Team Sport.
Cybersecure SoCal 2019 Cybersecurity is a Team Sport!
… a joint presentation of SecureTheVillage and the Pepperdine Graziadio Business School’s CyRP Program
Register Now: Early Bird Registration $99 through Aug 31
Keynote Speaker: Ron Ross, Fellow at the National Institute of Standards and Technology. His focus areas include cybersecurity, systems security engineering, and risk management.
October 17 8:00 am – 3:30 pm
SecureTheVillage — Cyber Risk Management Webinar Posted
Webinar: SecureTheVillage July Webinar: Cyber Risk Management
Panelists: Howard Miller, Charla Griffy-Brown
Individuals at Risk
Identity Theft
Equifax data breach: How to claim $125 right now in the FTC settlement: You can file a claim right now to get $125 as part of the $700 million settlement reached between Equifax and the FTC. Cnet, July 27, 2019
What You Should Know About the Equifax Data Breach Settlement: Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans. Here’s a brief primer that attempts to break down what this settlement means for you, and what it says about the value of your identity. KrebsOnSecurity, July 23, 2019
Cyber Warning
Mobile malware attacks are booming in 2019: These are the most common threats: Researchers at Check Point warn of a 50% increase in cyberattackers targeting smartphones compared with last year. ZDNet, July 25, 2019
Know Your Enemy
Complete Personal Fraud Kits Sell for Less Than $40 on Dark Web: The low cost of records reflects the huge supply of PII after many breaches at hospitals, government agencies, and credit bureaus. Dark Reading, July 26, 2019
Cyber Humor
Information Security Management in the Organization
Cybersecurity in the C-Suite
66% of SMBs don’t believe they are vulnerable to cyberattacks: SMBs aren’t prioritizing cybersecurity prevention strategies, even though they are at risk of attack, according to a Keeper Security report. TechRepublic, July 26, 2019
Information Security Management and Governance
This Is What Experts Say Will Turn the Tide Against Increasing Cyberthreats: Despite the $124 billion that Gartner estimated organizations would spend fending off cyberthreats this year, the frequency and severity of incidents continues to grow. A report by Nominet found that the majority of chief information security officers (CISOs) lack the necessary resources to defend their organizations. And an informal survey of 22 industry executives, chief technology officers (CTOs), security analysts and independent security experts last year by SiliconAngle found unanimous agreement that the cybersecurity problem is getting worse. SecurityIntellegence, July 25, 2019
Cyber Defense
Organizations struggle to secure cloud applications as report finds 34M vulnerabilities across AWS, Google Cloud and Azure: A new report from Unit 42, the threat intelligence team at Palo Alto Networks Inc. has uncovered 34 million vulnerabilities across leading cloud service providers, highlighting that organizations are struggling with securing cloud installations. SiliconAngle, July 24, 2019
Cyber Insurance
Ransomware, Data Breaches Expose Gaps in Cyber Insurance Market: As U.S. companies grapple with cyber crime costs, indiscriminate ransomware attacks, and hundreds of millions of dollars in data breach fines, many seek protection in a normally predictable bet—insurance. Bloomberg Law, July 24, 2019
Cyber Talent
Universities are expanding cybersecurity education to meet broad demand. Global cybersecurity workforce shortage projected to reach upwards of 1.8 million unfilled positions by 2022: The cybersecurity needs of organizations are becoming more interdisciplinary and, according to experts, so are the educational programs that prepare students for careers in the emerging field. ed scoop, July 26, 2019
Cybersecurity in Society
Cyber Privacy
In rare bipartisan mood, House passes anti-robocall bill by 429 – 3 vote in major crackdown on spam calls: The scourge of robocalls is one step closer to being eradicated. Fox, July 26, 2019
Companies’ ‘Anonymized’ Data May Violate GDPR, Privacy Regs: New study found that any database containing 15 pieces of demographic data could be used to identify individuals. DarkReading, July 26, 2019
Cyber Privacy – Facebook
Privacy Group Files Legal Challenge to Facebook’s $5 Billion F.T.C. Settlement: A prominent public interest research group is challenging the Federal Trade Commission’s $5 billion privacy settlement with Facebook in court, calling it an unjustified victory for the tech giant and a bad deal for hundreds of millions of consumers who depend on its services. The New York Times, July 26, 2019
Cyber Crime
Louisiana Gov Declares Emergency After Cyberattacks Plague Schools: Attacks on at least three school districts and likely others have prompted the state’s first emergency due to cyberattack. ThreatPost, July 26, 2019
Ransomware Attack List: Cities, Municipalities and Government Agencies – MSSP Alert: Ransomware attacks have hit at least 170 county, city, or state government systems since 2013, and 22 of those attacks occurred in the first half of 2019, according to The U.S. Conference of Mayors. We’re checking to see if those malware attack statistics represent U.S. or global figures. MSSP, July 25, 2019
Ransomware: Why cities have become such a big target for cyberattacks – and why it’ll get worse: A number of US cities have paid ransoms of hundreds of thousands of dollars after getting caught out by hackers — and if the business model is working, cybercriminals will keep exploiting it. ZDNet, July 24, 2019
Cyber Attack
Very sophisticated cyber attack hits hyper-secure email system used by journalists and others probing Russian intelligence: One of the world’s most secure email services has been caught up in a sophisticated cyber attack aimed at investigative journalists and other experts who are probing Russian intelligence activities. Financial Times, July 26, 2019
Cyber Defense
Security firm purposely releases flawed blockchain into the wild to help educate hackers: Despite their supposed security, there are still many exploitable vulnerabilities that can compromise a blockchain. But one security firm thinks it can fix that, and it believes the key to developing more secure blockchains is to start with a really insecure one. The Next Web, July 26, 2019
Cyber Law
Judge allows suit against AT&T after $24 million cryptocurrency theft: It’s usually not possible to reverse fraudulent cryptocurrency transactions. ars technica, July 23, 2019
National Cybersecurity
NSA Launches Cybersecurity Arm To Defend The U.S. From Foreign Adversaries: The National Security Agency (NSA) has announced its intention to create a cybersecurity directorate this fall in a bid to defend the U.S. against foreign adversaries. It comes at a time of increasing election interference by foreign nations such as Russia as part of an ongoing strategy to destabilize the West. Forbes, July 24, 2019
Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’: Red faces in Moscow this weekend, with the news that hackers have successfully targeted FSB—Russia’s Federal Security Service. The hackers managed to steal 7.5 terabytes of data from a major contractor, exposing secret FSB projects to de-anonymize Tor browsing, scrape social media, and help the state split its internet off from the rest of the world. The data was passed to mainstream media outlets for publishing. Forbes, July 20, 2019
Cyber Freedom
States Rush to Make Voting Systems More Secure as New Threats Emerge: Amid growing warnings about the security of American voting systems, many states are rushing to address vulnerabilities exposed by the 2016 election, even as intelligence officials worry they are fighting the last battle and are not sufficiently focused on a new generation of threats headed into 2020. The New York Times, July 26, 2019
Georgia officials accused of destroying evidence in touchscreen voting machine lawsuit: In a federal court filing, lawyers for election integrity advocates accuse Georgia election officials of intentionally destroying evidence that could show unauthorized access to the state election system and potential manipulation of election results. The advocates and individual Georgia voters sued election officials in 2017 alleging that the touchscreen voting machines Georgia has used since 2002 are unsecure and vulnerable to hacking. CBS News, July 26, 2019
The Unsexy Threat to Election Security: Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level. KrebsOnSecurity, July 25, 2019
Russia Targeted Election Systems in All 50 States, Report Finds: WASHINGTON — The Senate Intelligence Committee concluded Thursday that election systems in all 50 states were targeted by Russia in 2016, an effort more far-reaching than previously acknowledged and one largely undetected by the states and federal officials at the time. The New York Times, July 25, 2019
Russians are still meddling in US elections, Mueller said. Is anybody listening?: The biggest takeaway from Robert Mueller’s appearances on Capitol Hill is not that Donald Trump may have obstructed justice, although that’s what most people continue to argue about. CNN, July 25, 2019
Neo-Nazi SWATters Target Hundreds Including Dozens of Journalists: Nearly three dozen journalists at a broad range of major publications have been targeted by a far-right group that maintains a Deep Web database listing the personal information of people who threaten their views. This group specializes in encouraging others to harass those targeted by their ire, and has claimed responsibility for dozens of bomb threats and “swatting” incidents, where police are tricked into visiting potentially deadly force on the target’s address. KrebsOnSecurity, July 24, 2019
Cyber Law
New York raises the stakes with new breach disclosure laws. Companies will now have to be more forthcoming with New York residents about cyberattacks that jeopardize private data under pair of new laws: Companies will have to be more forthcoming with New Yorkers about cyber-attacks that jeopardize private data under a pair of new laws signed Thursday by Gov. Andrew Cuomo. Government Technology, July 26, 2019
Cyber Enforcement
Briton who helped stop 2017 WannaCry virus spared jail over malware charges: The British computer expert who helped shut down the WannaCry cyberattack on the NHS said he is “incredibly thankful” after being spared jail in the US for creating malware. The Guardian, July 25, 2019
Cyber Miscellany
Bitcoin Scammers Try and Fail to Sextort 86-Year-Old Woman Who Just Wanted a Free Bagel: All 86-year-old Arlene Kaganove wanted was a free bagel from Panera on her birthday. Instead, after signing up for the My Panera rewards program, Kaganove was sent threatening emails demanding she pay $1,400 worth of bitcoin—in exchange for a supposed recording of her watching porn. Gizmodo, July 26, 2019
SecureTheVillage Calendar — Register Now
Cybersecurity and Fraud for Nonprofits: Trends, Threats and Protecting Your Organization’s Assets
Los Angeles Chamber of Commerce
July 30 @ 7:45 am – 9:30 am
Registration: Contact LA Chamber
Plain Speaking on Cybersecurity Program 2: Cyber Risk: The Cybersecurity and Cyber Privacy Legal Threat Landscape
Los Angeles Cyber Lab / SecureTheVillage Summertime Lunch Series
August 7 @ 12:00 pm – 2:00 pm
Financial Services Cybersecurity Roundtable
August 9 @ 8:00 am – 10:00 am
Plain Speaking on Cybersecurity Program 3: SecuringTheHuman: Growing the Community
Los Angeles Cyber Lab / SecureTheVillage Summertime Lunch Series
August 28 @ 12:00 pm – 2:00 pm
For the C-Suite: Managing Your Company’s Information Security & Privacy Risk
Culver City Chamber of Commerce
August 29 @ 8:00 am – 11:30 am
Registration Opens Soon
Webinar: SecureTheVillage September Webinar
September 5 @ 10:00 am – 11:00 am
Security Summit 2019 … Connecting the Community
Los Angeles Cyber Lab
September 17 – 18
Webinar: SecureTheVillage October Webinar
October 3 @ 10:00 am – 11:00 am
Cybersecure SoCal 2019 Cybersecurity is a Team Sport!
… a joint presentation of SecureTheVillage and the Pepperdine Graziadio Business School’s CyRP Program
Register Now: Early Bird Registration $99 through Aug 31
Keynote Speaker: Ron Ross, Fellow at the National Institute of Standards and Technology. His focus areas include cybersecurity, systems security engineering, and risk management.
October 17 8:00 am – 3:30 pm