Welcome to The Tanium 10, our weekly roundup of the news that matters most to security and IT professionals. Each week, we spotlight the 10 stories, trend reports, and research that caught our eye—all to help you keep up with what’s happening in our fast-paced industry. We value your feedback. Once you’ve read this week’s insights, please email me here and tell me what you think.
The Tanium 10 for the week ending June 16, 2017
- The lingering effects of last month’s global ransomware attack were evident in Microsoft’s June 13 patch release. The company said it is releasing updates for all customers, including those using older versions of Windows, “because applying these updates provides further protection against potential attacks with characteristics similar to WannaCrypt.” Time to get patching, folks!
- Think you’re an outstanding problem solver? Guess again, sport. Research published in the MIT Sloan Management Review reveals we are all pretty wretched at solving problems. (Note: registration is required to view the full article, but we promise it’s worth the trouble.)
- Malware developers may be turning their attention to Apple’s Mac OS, which one researcher calls “a juicy target.” The latest Mac ransomware is offered to cybercriminals as a subscription service on the Dark Web, part of a new hacker SaaS movement.
- Tagalongs, samoas… and cybersecurity? Girls Scouts Of The USA and Palo Alto Networks are partnering on the first ever national Girl Scout Cybersecurity Badges. The first in a series of 18 badges will be rolled out in September 2018.
- Experian CISO Tom King — who has held various CISO posts for the past 20 years — says building a dynamic information security strategy for your business is only one part of the job. Equally important? Communicating the strategy clearly across the entire company.
- Why would Amazon want to buy Slack? The Atlantic’s Adrienne LaFrance breaks it down for us.
- Security researchers discovered malware they believe is the culprit behind cyber attacks on the Ukrainian Electric power grid in the northern part of Kiev last December. Unlike the Stuxnet worm, this “Industroyer” malware doesn’t need to exploit any zero-day vulnerabilities in order to control electricity substation switches and circuit breakers. Instead, it relies on four industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure systems. Isn’t that comforting?
- Are we evaluating our cybersecurity spending all wrong? This CSO thinks so.
- According to one ex-Pentagon aide testifying before the U.S. Senate, a large-scale cyber attack by North Korea “is likely to happen within the next year, if current trends continue.” In the face of this and other notable nation-state threats, senators spoke about the urgent need to upgrade the federal government’s security system, which the panel’s chairman, Sen. Cory Gardner, described as as “a fossil.”
- Danger comes in the most unexpected places. This week, we found out how Russian hackers are using Britney Spears’ Instagram comment section to test malware. And we learned how your router’s blinking LEDs can leak data to snoopers if you’re not careful.
And another thing…
It’s never too late to fulfill your dreams. Need proof? Check out this 45-year-old’s quest to, quite literally, knock one out of the ballpark. Now, what’s on your bucket list?
Like what you see? Click here and sign up to receive The Tanium 10 in your inbox every Friday.