Web skimmers hit Warner Music e-commerce sites | Alleged cyberattacks on Miami-Dade schools linked to teen | Wave of DDoS attacks hits European ISPs
September 4, 2020
SmartBrief on Cybersecurity
Security and risk management news that matters to the C-SuiteSIGN UP ⋅   SHARE
Top Story
Web skimmers hit Warner Music e-commerce sites
(Warner Music Group)
Warner Music Group reports that some of its e-commerce sites were targeted with web skimming attacks between April 25 and Aug. 5, potentially exposing an unknown number of consumers' personal and financial data. The company did not outline which sites were targeted, but said they were "hosted and supported by an external service provider."
Full Story: ZDNet (9/3),  TechNadu (India) (9/4) 
LinkedIn Twitter Facebook Email
Data Breaches
A 16-year-old student was arrested for alleged involvement in cyberattacks on the virtual learning platform of the Miami-Dade County school district. Authorities said the student, a junior at South Miami Senior High School, confessed to eight of the more than a dozen distributed-denial-of-service attacks that disrupted virtual classes for 200,000 students.
Full Story: The Hill (9/3) 
LinkedIn Twitter Facebook Email
Multiple internet service providers in France, Belgium and the Netherlands have been hit with distributed-denial-of-service attacks over the past week that interrupted service and in some cases persisted for hours. Officials in the Netherlands said the attacks in that country were accompanied by demands for large sums of cryptocurrency -- a tactic also used in a wave of recent DDoS attacks against financial institutions around the world.
Full Story: ZDNet (9/3) 
LinkedIn Twitter Facebook Email
Election Security
E-voting company Voatz wants to restrict the access of researchers conducting ethical hacks on voting systems to detect flaws because it is difficult to distinguish between unauthorized researchers and genuine hackers, the company says in a Supreme Court brief. Bugcrowd founder Casey Ellis disagrees, saying, "Unauthorized access is one of the main purposes of security research -- by making it illegal, researchers will be unable to effectively do their jobs, the organization will not be able to close all vulnerabilities, and attackers will win."
Full Story: CNET (9/3) 
LinkedIn Twitter Facebook Email
Spotlight on Manufacturing
The 1 in 3 companies in the digital supply chain that expose basic functions to the internet should either air-gap those services or introduce security controls, advises a report by the Mastercard company RiskRecon and cybersecurity research services firm Cyentia Institute. RiskRecon says its study confirms the correlation between unsafe network services and wider security failures in the digital supply chain.
Full Story: TechRepublic (9/2) 
LinkedIn Twitter Facebook Email
Managing Data
Vulcan Cyber issued a study saying that most IT departments are ill-equipped to gauge the maturity of their vulnerability remediation programs. Nearly half of 100 survey respondents said they were up on vulnerability scanning and use of remediation tools, while 31% were involved in business alignment around cyber objectives.
Full Story: ZDNet (9/3) 
LinkedIn Twitter Facebook Email
Government Security and Policy
A US cybersecurity agency has directed other federal departments to write and disclose policies aimed at simplifying procedures for the public to report potential security flaws and receive responses to them. The Cybersecurity and Infrastructure Security Agency's Bryan Ware said the new policy will strengthen the Department of Homeland Security's ability to protect governmental networks.
Full Story: The Hill (9/2) 
LinkedIn Twitter Facebook Email
Editor's Note
SmartBrief will not publish Monday
In observance of Labor Day in the US, SmartBrief will not publish Monday. Publication will resume Tuesday.
LinkedIn Twitter Facebook Email
Sharing SmartBrief on Cybersecurity with your network keeps the quality of content high and these newsletters free.
SmartBrief will donate $10 per new reader to organizations fighting for climate reform, women's rights, global health initiatives and more.
Or copy and share your personalized link:
Don't listen to anyone who doesn't know how to dream.
Liza Minnelli,
actor, singer
LinkedIn Twitter Facebook Email
SmartBrief publishes more than 200 free industry newsletters - Browse our portfolio
Sign Up  |    Update Profile  |    Advertise with SmartBrief
Unsubscribe  |    Privacy policy
SmartBrief, Inc.®, 555 11th ST NW, Suite 600, Washington, DC 20004