Managed Security Services Provider Morning News: 27 November 2017
Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the lineup for Monday, November 27, 2017:
14. Guilty Plea?: A Canadian accused by the United States of helping Russian intelligence agents break into email accounts as part of a massive 2014 breach of Yahoo accounts is expected to plead guilty next week, Reuters reports.
13. Hacker Extradition: A Prague appeals court on Friday upheld a lower court ruling that a Russian man who faces charges of hacking computers at American companies can be extradited to the United States, according to the Associated Press. Czech authorities arrested Yevgeniy Nikulin in Prague in cooperation with the FBI in October last year. He is accused by U.S. prosecutors of penetrating computers at Silicon Valley firms including LinkedIn and Dropbox in 2012, the report noted.
12. YMCA Breach: The YMCA of Central Florida apparently suffered a breach in October 2017 and is now warning employees and consumers that financial account numbers, payment card numbers and perhaps even Social Security numbers and other personal info may have been accessed…
11. Healthcare Breach Settlement: Santa Barbara’s Cottage Health reached a $2 million settlement with the California Attorney General’s Office last week regarding two breaches of patient records security, one of which lasted three years, according to The Independent.
10. Tether Hack: Tether, a cryptocurrency pegged 1-to-1 to the U.S. dollar, was allegedly hacked today to the tune of $31 million, according to Bitcoin Magazine.
9. Bank Trojan: A malicious banking trojan, targeting Wells Fargo, Chase and Citibank customers, recently surfaced in the Google Play store. The trojan’s name: BankBot.
8. Equifax Class Action Lawsuit: Equifax faces a rare 50-state class-action suit against the credit reporting company. The complaint is an ambitious 322-page document that names plaintiffs from every state and the District of Columbia, according to CSO Online. The infamous Equifax breach, which impacted 145 million customers, triggered multiple executive retirements — including the departure of the company’s CEO, CIO and CISO.
7. Investment: Optus Business will invest AU$3.5 million into the Cyber Security Cooperative Research Centre (CSCRC), made up of AU$2.1 million in cash and AU$1.4 million worth of staff, according to ZDnet.
6. Cyber Insurance: A recent court ruling in Florida may serve as a reminder that commercial general liability policy may not cover a policyholder for a data breach lawsuit, or most other cyber risks for that matter, according to Hunton & Williams LLP.
5. Mobile Security: G+D Mobile Security, which manages digital identities and eSIM technology, has partnered with Bell Mobility to provide an eSIM management solution for Bell customers. With eSIM enabled devices, Bell customers are able to activate and manage their device subscriptions anytime and anywhere, the companies claim.
4. Communication Breakdown?: The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin’s crosshairs, The Associated Press has found.
3. Predictions: Here are three cybersecurity predictions for 2018 from HackRead.
2. MDR: The Managed Detection and Response (MDR) Market will reach $1.658 billion by 2022, up from $419.7 million in 2017, according to MarksandMarkets. That’s a 31.6 percent compound annual growth rate (CAGR).
1. Cloud Security: Watch for numerous announcements at Amazon’s AWS re:Invent 2017 conference this week in Las Vegas. We’ll share daily updates through at least Thursday.