SC Magazine, January 18, 2021
A pair of cybersecurity firms this month announced a slate of new career training and education courses that will be made freely available to the public. These complimentary offerings are helping current, aspiring and unemployed infosec professionals gain an upper hand in a down economy, while aiding an industry facing a growing skills gap.
SC Magazine, January 18, 2021
Security Boulevard, January 12, 2020
Data Privacy Day is Jan. 28, just like it is every year. But as with everything else, COVID-19 has forced us to reconsider a new normal for enforcing data privacy in the work-from-home (WFH) environment. Sponsored by the National Cyber Security Alliance (NCSA), Data Privacy Day is designed to “inspire dialogue and empower individuals and companies to take action” on the way personal information is collected, stored and used.
GCN, January 11, 2021
Federal IT staff have a massive job ahead of them cleaning up after the rioters who broke into the U.S. Capitol building, some of whom rifled through lawmakers offices.
While improving physical security for the building and for lawmakers and staff who work there is the first priority, experts have said the rioters’ unprecedented access to offices, files and computers can have serious cybersecurity ramifications.
SecurityWeek, January 11, 2021
Hundreds of protesters stormed the U.S. Capitol on Wednesday just as the House and Senate were certifying the election victory of Joe Biden. While much of the focus was on the physical destruction caused by the protesters, many people have pointed out that rioters gained access to computers in the Capitol, which in some cases were still turned on and logged in, as their users were forced to quickly evacuate.
TidBits, January 8, 2021
Hidden amidst the physical cleanup and repairs necessary after a mob of rioters stormed and occupied the US Capitol are significant cybersecurity concerns. At Wired, Lily Hay Newman writes about the cybersecurity implications of the invasion, explaining some of the breaches that happened and discussing others that could have happened if foreign intelligence agents piggybacked on the takeover.
WIRED, January 8, 2021
IN THE AFTERMATH of destructive riots that trashed the United States Capitol on Wednesday, the nation is grappling with questions about the stability and trajectory of US democracy. But inside the Capitol building itself, the congressional support staff is dealing with more immediate logistics, like cleanup and repairs. A crucial part of that: the process of securing the offices and digital systems after hundreds of people had unprecedented access to them.
Channel Futures, January 7, 2021
Kevin Coleman is executive director of the National Cyber Security Alliance. He said Capitol rioters stole U.S. Sen. Jeff Merkley’s laptop. And any rioters ransacking House Speaker Nancy Pelosi’s office could have seen or accessed sensitive information.
Data Center Knowledge , December 17, 2020
On Sunday, we learned that federal agencies and other organizations had been penetrated by nation-state attackers, identified as Russian by multiple sources.
Though the definitive attribution for the attacks won't come for a while, we do know how the attack occurred.
SDxCentral, December 16, 2020
As many as 18,000 SolarWinds customers installed the company’s Orion software updates containing malicious code likely inserted by Russian nation-state hackers, according to documents filed with the U.S. Securities and Exchange Commission on Monday.
The SolarWinds attack may have also hit Microsoft customers. In its SEC filing, SolarWinds said the hackers compromised its Office 365 email and office productivity accounts.