Catch up on the past week’s news in cybersecurity.

News this week reminded us that phishing and whaling are not going away, they’re actually on the rise.  Just ask Goliath and Goliath who suffered a phishing attack last week. GDPR continues to make headlines this time in the context of blockchain. And more companies are discovering that are not as compliant with GDPR as they thought they were.  A scam involving the World Cup also made headlines this week as opportunistic attackers take advantage of those trying to get their tickets.

  1. Cyber expert says whaling as well as phishing is on the rise Via 702
    • Local comedy and entertainment agency, Goliath & Goliath has been the latest to fall victim to an email scam.  The hackers took R300 000 from the company through phishing. They gained access to the company's emails and requested clients to make payments to a different bank account.
  2. Focus on cyber resilience to protect your business, firms urged Via Business Daily Africa
    • Technology is double-edged and organisations, reliant on modern technological tools, should also invest in defences against cyber attacks to become resilient.  While technology helps businesses to conveniently access or deliver a variety of services, it also exposes them to risks. When computers connect to a network and begin communicating with others, they are exposed to risk.
  3. Look for the silver lining in GDPR’s privacy obligations Via CSO
    • Analytics, security and data-governance vendors are lining up to help businesses that have been caught out by the activation of the European Union’s general data privacy regulation (GDPR) and the looming introduction of similar Australian policies that threaten to overrun companies with consumer data requests.
  4. Regulator powerless to deal with latest data leak Via ITWeb
    • The Information Regulator is not yet fully functional and able to deal with the latest data leak that saw close to a million records of South Africans being exposed.  So said chairperson of the Information Regulator, advocate Pansy Tlakula, in a telephonic interview with ITWeb this morning.  South Africans have suffered another massive data leak which has resulted in close to a million personal records being exposed.
  5. Blockchain and GDPR: Can they get along? Via The Enterprisers Project
    • Blockchain promises immutable records. GDPR promises the right to be forgotten. How will this work out? Blockchain ranks right up there as the tech hype darling of the moment. Though blockchain is much less mature than say, AI, IT leaders are keeping a close eye on how blockchain may reshape vertical markets (such as finance) and functions (such as supply chain). Now some industry watchers are asking whether blockchain is headed for a bit of a collision with the European Union’s General Data Protection Regulation (GDPR).
  6. Government investigation finds federal agencies failing at cybersecurity basics, Via TechCrunch
    • The Office of Management and Budget reports that the federal government is a shambles — cybersecurity-wise, anyway. All told, nearly three quarters of federal agencies have cybersecurity programs that qualified as either “at risk” (significant gaps in security) or “high risk” (fundamental processes not in place).
  7. Cybercriminals on average have seven-day window of opportunity to attack, Via SC Magazine
    • Researchers looked at the difference in time between when an exploit is publicly available for a given vulnerability and the first time that a vulnerability is assessed and found the attacker has the first-mover advantage 76 percent of analyzed vulnerabilities, according to the firms Quantifying The Attacker's First-Mover Advantage report.
  8. Ghostery's GDPR notification exposes recipients addresses in batch emails, runs afoul of GDPR, Via SC Magazine
    • It seems the path to GDPR is fraught with GDPR violations – at least for privacy browser Ghostery, which exposed the email addresses of users to other users when it sent out GDPR notification emails Friday. Ghostery said it " will be reporting the incident as mandated by the GDPR" and has stopped distributing the email.
  9. The anatomy of a phishing attack, Via The Wall Street Journal
    • Cyberattacks on companies continue to grow more prevalent, sophisticated and dangerous. Organized criminals steal banking records, terrorists launch ransomware attacks, and state actors slip into information systems and go quiet until they see an opportunity to exploit their presence.
  10. How companies can create a cybersafe culture at work, Via The Wall Street Journal
    • As technical defenses against cyberattacks have improved, attackers have adapted by zeroing in on the weakest link: people. And too many companies are making it easy for the attackers to succeed.
  11. Security is more than an IT problem and C-Suite can't technologize their way out, Via HealthcareITNews
    • When it comes to security, there are more than enough tools on the market that tout the ability to shore up the ever-increasing number of threats. That’s all well and good, but simply relying on those isn’t nearly enough.
  12. World Cup 2018 tickets scam hitting fans worldwide, Via TechRadar
    • With just weeks until the start of World Cup 2018, fans across the world are busy getting excited to support their heroes. However ticket-hungry supporters still hoping to travel to Russia have been warned to beware a number of online scams targeting those desperate to see some action.
  13. Coca-Cola suffers breach at the hands of former employee, Via Bleeping Computer
    • The Coca-Cola company announced a data breach incident this week after a former employee was found in possession of worker data on a personal hard drive. The company learned of the security breach last September after law enforcement officials contacted Coca-Cola.

Want more great articles like this?Subscribe to our blog.

Get all the latest news, tips and articles delivered right to your inbox

You may also like:

Have You Done These 4 Things for GDPR Compliance?

The May 25th GDPR deadline is upon us. …

The May 25th GDPR deadline is upon us. In the last edition … Read More >

Dan Sloshberg

by Dan Sloshberg

Product Marketing Director

Posted May 17, 2018

Augment your Cyber Resilience Strategy with NextGen SIEM

Improve Response and Proactively Detect …

Improve Response and Proactively Detect Email Threats with t… Read More >

Michael Euperio

by Michael Euperio

Director of Technology Alliances at LogRhythm

Posted May 08, 2018

GDPR: Security VS Privacy

Top 4 Tips for a Post-GDPR World This i…

Top 4 Tips for a Post-GDPR World This is the third installm… Read More >

Dan Sloshberg

by Dan Sloshberg

Product Marketing Director

Posted May 03, 2018