May – week 3

Welcome to the Bestman Solutions Security Brief.  This series of weekly posts will keep you updated on some highlights, lowlights and everything in between relating to Security and hiring in the industry for the past 7 days.    

 

 

How can we not discuss EasyJet?  Like the airline industry needed any more woes.

With 9 million customer records at risk it is already one of the UK’s largest breaches.

Potential future fines aside, could the reputational damage be limited by the fact that the commercial aviation industry will not be returning to normality for some time?

Click here

 

 

Accurics’ latest report “The State of DevOps” reveals that increased Cloud complexity is leading to security setbacks.

 

“…egregious mistakes are being made when provisioning and managing infrastructure through code. High severity risks such as open security groups, overly permissive IAM roles, and exposed cloud storage services constituted 67% of the issues……. “

“These risks are completely avoidable if popular compliance and governance frameworks such as CIS benchmark, PCIDSS, and SOC2 are used to define policy guardrails. However, the research indicated that these best practices were not being followed”

Click here for summary

Alternatively click here to download full report

 

 

Yet another COVID19 phishing campaign using Excel 4.0 macros.  One to keep an eye on.

Click for more

 

You may recall the Maria botnet attack that took down Amazon and Spotify in 2016.  Well new research has revealed a similar DDOS technique dubbed NXNSAttack that uses a disproportionately small number of computers to wreak havoc on a massive scale.

Click here

 

Chief suspect arrested by the Ukraine Secret Service for the stolen credentials amassing over 770 million records known as Collection 1.

Click here

 

 

Thoughts? Comments? Want further intel?  Don’t be shy reach out: ob@bestmansolutions.com

Other Posts...

Vacancy: Security Systems Engineer- (DevSecOps)

Vacancy: Security Systems Engineer- (DevSecOps)

3rd August 2020
Read More
BLACKHAT GUEST SPEAKER: Owanate Bestman

BLACKHAT GUEST SPEAKER: Owanate Bestman

30th July 2020
Read More
10 Free Cyber Security Training Courses

10 Free Cyber Security Training Courses

28th July 2020
Read More