April 27, 2021
Good morning, everyone!
Sometimes I have a particular theme I want to talk about in this newsletter, and sometimes my head is just full of random concerns from all the news of the week. Guess what kind of week this is?
This week’s critical vulnerabilities:
Yet another reminder that you do NOT want to be the victim of ransomware. Quanta Computer, manufacturer of laptops for the likes of Apple, HP, Alienware, Dell, Lenovo, Cisco and Microsoft, recently suffered a data breach in the course of a ransomware attack. The ransomware group REvil claims they stole blueprints for Apple’s latest products, and have demanded a $50M ransom. In the early days of ransomware, the bad guys just encrypted your data. Now they often steal a copy of their own before encrypting your copy, so even a good backup doesn’t get you out of the extortion. The legal fallout from this is expected to be significant.
Last week, the US Justice Department convened the Ransomware and Digital Extortion Task Force:
“The Task Force will bring all of the Department's resources to bear to bolster our all-tools approach and work with our partners here and abroad to combat the threat of ransomware and digital extortion, and to ensure that we hold those who participate in the propagation of these crimes responsible and accountable.”
Let’s hope it helps.
Preparing for the Next SolarWinds Event
The Health Information Sharing and Analysis Center (H-ISAC) has published a new report, Preparing for the Next “SolarWinds” Event. While directed at healthcare institutions, the recommendations apply to any organization:
Simply put, the best ways to mitigate the next SolarWinds-level incident are having vulnerability awareness, applying proper patch application and management, implementing least privilege access, deploying Privileged User Monitoring & Access Control functions, and having access to reputable threat intelligence.
The report has a nice history of recent large attacks and how they unfolded. It’s an interesting read, and especially timely given the Passwordstate and Codecov attacks referenced above. Apparently software supply chain attacks are the new hotness in the world of cybercrime.
FLoC is a FLoP
“The worst aspect of FLoC is that it materially harms user privacy, under the guise of being privacy-friendly.”
Chrome users can opt out of FLoC either by going to Settings -> Privacy and Security -> Cookies and Other Site Data and selecting “Block third-party cookies,” or by installing the DuckDuckGo extension for Chrome. If you are concerned about privacy (and I hope you are!), it’s a good idea to clear cookies and cache in your browser on a regular basis (I do this every time I log out of a website, at a minimum).
Whew! I think that's enough for this week.
Talk to you again soon!
Security Awareness Training Goes Virtual
Thanks to COVID-19, lots of things are going virtual, and that includes my employee Security Awareness Training. I've set up a small studio in our conference room (nobody there but me) so I can provide live training (almost) just like before! You can see me wave my hands and make faces while a wall of fascinating facts and practical tips slides across your screens, wherever you and your employees may be.
Contact me to schedule your employee training sessions. They're fun! ☺