I’ve been spending a couple of days this week at the SANS EU Security Awareness Summit, which has featured some exceptionally good speakers. Dr. Jessica Barker was the opening keynote and made some great points about optimism and how positive reinforcement is a far better motivator in security than the usual negativity.
As I’m one that likes to take on board good ideas and implement them as quickly as possible – today’s wrap-up will feature an optimistic and bright tone. So, put on your rose-tinted glasses, sit back, and enjoy this week’s wrap-up.
Uber invests in Florida youth
A hacker identified only as a 20-year-old Florida man was apparently behind the Uber breach a year ago. Uber was so grateful it awarded him $100,000 via the HackerOne bug bounty platform, but wanted to keep its act of philanthropy quiet.
No word on whether the youth will spend the money on an orphanage or an animal shelter, but we are hopeful.
- Uber hacked by a 20-year-old man in the US | Computer Weekly
- Uber paid 20-year-old man to hide hack, destroy data | ZDNet
- Three Uber security managers resign after CEO criticizes practices | Reuters
$60m in bitcoin shared
The days of Robin Hood aren’t over. Over $60m in cryptocurrency has been involuntarily redistributed after hackers broke into Slovenia-based bitcoin mining marketplace NiceHash.
- More than $60 million worth of bitcoin potentially stolen after hack on cryptocurrency site | CNBC
- Bitcoin: $64m in cryptocurrency stolen in 'sophisticated' hack, exchange says | The Guardian
- $60m Bitcoin heist potentially hits cryptocurrency mining site | CBRonline
Three ways to improve cybersecurity maturity
I really like the name “The Rochford Files”, which is the contributed blog by Oliver Rochford on CSO.
Keeping in tune with my optimistic theme, the subtitle is “here’s what’s holding us back” – but I’d rather rephrase it as “Here are our greatest opportunities”.
It’s that time of year for everyone to collectively gaze into crystal balls and predict what the new year will bring.
I jumped onto the bandwagon myself and boldly made some predictions. The good thing about the future though is that it never comes, so you can never be proven wrong!
- Six Cybersecurity Predictions for The Year Ahead | AlienVault
- Security predictions for 2018 Paradigm Shifts | Trend Micro
- Cyber security predictions for 2018 | Information Age
- 60 Cybersecurity Predictions For 2018 | Forbes
- Forrester's top 6 cybersecurity predictions for 2018 | Tech Republic
UK MPs bring security awareness to the masses
UK members of parliament have spent this week going above and beyond the call of duty. In an amazing display of ingenuity, MPs such as Nadine Dorries claimed that password sharing was common practice, leading to a raft of opinions explaining why it was a bad idea.
The best in guerrilla security awareness.
- British MPs are ignorant about basic password security, and proud of it | The Next Web
- The attitudes of credential sharing | J4vv4D
- The trouble with politicians sharing passwords | Troy Hunt
- The lax computer security of British MPs - as detailed in their own tweets | Graham Cluley
We’ve finally made it!
Alfred Ng of CNET clearly has got the memo in this article, Security finally got the awareness it needed in 2017. Now what?
After being largely ignored for years, cybersecurity has shouted and shoved its way into the national conversation, thanks to significant attacks that affected personal finances, home devices and the political scene. Researchers saw the writing on the wall for years but often had a difficult time getting the public to listen to their warnings.
"It was my job to be responsible for things like raising awareness of cybersecurity risk," said Reitinger, CEO of the Global Cyber Alliance and a former cybersecurity director at the Department of Homeland Security. "And I have abjectly failed over the last 20 years, as has everyone else in the industry."
Ethiopian hackers confess to spyware campaign
In an apparent change of heart, Ethiopian hackers tasked with targeting dissidents in 20 countries published their log file, which revealed the entire target list.