Did you miss Cyber Security Summit - Miami? Check out our session →·Watch on Demand
Cyral
Blog

The Security Digest: #64

Chaos unfolded for a meat producer over the weekend, likely from what else but ransomware. Suspected Solar Winds hackers are back, VPN breaches from state sponsored hackers, a wiper is masquerading as ransomware and a silicon based security issue with M1 chips. In owl news, we check in on the western screech owl in Canada and finally shoutout a rewrite of policy as code tool CloudFormation Guard.

  • The NY MTA hack was due to a Pulse Secure VPN zero day but failed to get any customer or employee data via BleepingComputer. This puts a name to one of the companies affected in the report we mentioned last week in TSD-63 from Mandiant / FireEye.
  • Speaking of FireEye and Mandiant, FireEye the product company that bought Mandiant in 2014 is selling the FireEye product and name to focus on Mandiant Solutions via CNBC
  • The Supreme Court ruled on the CFAA limiting the scope, read more at Ars Technica
  • The US government announced that they were going to treat ransomware like terrorism, read more at Mashable
  • Wired has a story on how NYC has 15,000 cameras

Owl fun and facts:

Look at that owl, that owl is owlsome. You might be able to see this owl in Montana.

A Shout Out:

Jason Dyke from ScaleSec is back with a brand new project called Project Lockdown.

“Project Lockdown is a collection of serverless event-driven auto remediation Cloud Functions designed to react to unsecure resource creations or configurations. Project Lockdown is meant to be deployed in a GCP environment and has the capabilities to monitor and remediate across your entire Organization hierarchy in a matter of seconds.”

About:

TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.

Check back here every Tuesday for more TSD or sign up below to stay in the loop!

Please reach out to us directly, via security@cyral.com or on Twitter at @dant24 if you have any questions, concerns, tips or anything else!

That’s owl for now!

CyralWeeklySecurityDigest_HeroImage
Subscribe to our Blog

Get stories about data security delivered directly to your inbox

Try Cyral

Get Started in Minutes with our Free Trial