Security Never Sleeps- Hacking Energy Companies, Endpoint Security

Hacking attack on energy companies raises sabotage fears

“Two dozen energy companies affected”

More than two dozen energy companies and utility providers in the US and Europe have been attacked as a part of a cyber hacking campaign which looks to infiltrate the control systems of power supply organizations. The Dragonfly attack group, also known as Energetic Bear and Crouching Yeti, has been operating hacking attempts since 2011 but appeared to cease activity after being publicly exposed in 2014.

Data Breach Costs Vary Significantly by Organization

“Forrester reports on data theft” 

Forrester has recently released a report that advises businesses to not use publicly reported breach costs at other organizations as an estimate for what you might end up paying for a breach. One of the biggest mistakes that security professionals make when estimating data breach costs is to assume they can use publicly reported costs from breaches at other organizations as a reasonable proxy for their own, and many do not take this into account when planning for their own possible incidents.

Multiple Vulnerabilities Found in Mobile Bootloaders

“Issues in bootloaders of popular mobile platforms”

Security researchers from the University of California, Santa Barbara have discovered a code execution series and denial of service vulnerabilities in the bootloaders of many mobile systems. Using a newly created tool called BootStomp, the researchers found six previously-unknown possible breach points, five of which have been validated by their creators.

Endpoint Security Overload

“Teams are over-investing in endpoint security tools, drives inefficiencies”

An excess of endpoint security tools in organizations is driving “information security debt,” according to a new report by 451 Research and Digital Guardian. The “Voice of the Enterprise” touches on the use and consolidation of endpoint security tools found that the more endpoint security systems an enterprise has, the greater the cost of managing them. Security teams are struggling with inefficiency because they’re moving from dashboard to dashboard all day.

Enjoy your read? Check out our other content here.