Thursday, March 26, 2020

What I'm reading 3/26/2020 - The I'm Feeling Lazy Today Edition

Fifth Domain - Who should be responsible for critical infrastructure’s cybersecurity? -
 New research from industrial cybersecurity company Claroty found that the overwhelming majority of IT professionals believe the government should be responsibility for securing critical infrastructure.
According to Claroty’s new report, “The Global State of Industrial Cybersecurity," 87 percent of U.S. respondents said that it’s the federal government’s responsibility to ensure the security of critical infrastructure, the lowest number among the five countries polled.

ZDNet - Palo Alto Networks intros new security features in Prisma Cloud -
Palo Alto Networks on Wednesday announced new features for Prisma Cloud, the company's Cloud Native Security Platform (CNSP). New features in this latest release focus on giving DevOps and SecOps teams more visibility and improved security across the technology stack. 

Fifth Domain -  One senator wants vendors to ensure their internet connectivity devices are secure -
 Sen. Mark Warner is urging several network device vendors to ensure their products remain secure as millions of Americans work from home to slow the spread of the new coronavirus.
In his letters to Google, Netgear, CommScope, Asus, Belkin and Eero, the Virginia Democrat specifically expressed concern about wireless access points, routers, modems, mesh network systems and “related connectivity devices.”

Endgadget - Chinese digital spying is becoming more aggressive, researchers say -
Chinese government contractors carrying out cyber attacks is nothing new, but the scope of these current initiatives is concerning. Companies in about 20 countries are being targeted, and APT41 is carrying out subsequent attacks frequently: "This activity is one of the most widespread campaigns we have seen from China-nexus espionage actors in recent years," says FireEye. "This new activity from this group shows how resourceful and how quickly they can leverage newly disclosed vulnerabilities to their advantage." Whether the attackers are purposely taking advantage of a reduced cybersecurity workforce during the coronavirus pandemic or the timing is just a coincidence remains to be determined.
APT-41 again

No comments: