Each morning MSSP Alert broadcasts a quick lineup of news, analysis and chatter from across the global managed security services provider, SOC (security operations center) and IT outsourcing ecosystem.
Here’s the update for Wednesday, July 11, 2018.
8. Alleged Technology Theft: U.S. authorities charged a former Apple employee with stealing trade secrets, accusing him of downloading a blueprint related to a self-driving car to a personal laptop before trying to flee the country for China, Reuters reports. Meanwhile, Chinese-owned electric vehicle firm XMotors says there is no indication that ex-Apple worker Zhang Xiaolang ever communicated any sensitive information from Apple to XMotors, Reuters adds.
7. Data Breach: Timehop, the company behind an app of the same name which shows what you posted on social media in previous years, said it “experienced a network intrusion” on July 4 impacting 21 million of its users, USA Today reports.
6. Hidden Data Breach Costs: One-third of the cost of "mega breaches" (over 1 million lost records) were derived from lost business, an IBM and Ponemon Institute research report on data breaches concludes.
5. Cryptocurrency Theft: Israeli-based cryptocurrency exchange Bancor fessed up to a security incident following which a hacker made off with roughly $13.5 million worth of cryptocurrency, BleepingComputer reports. Bancor's website is offline for "maintenance" as of Wednesday morning around 9 a.m. ET...
4. Meltdown and Spectre Vulnerabilities: The Department of Homeland Security has issued another update on the Meltdown and Spectre chip vulnerabilities. The July 10, 2018 update is known as Update H.
2. Free Asset Visibility: Qualys has launched Qualys Community Edition, a free cloud-based service for MSPs and small businesses. It offers visibility of IT and web assets, and the ability to easily assess security and compliance postures, the company says. Qualys Community Edition will be available at the end of July. It includes unlimited scanning of up to 16 internal assets, three external assets and one web application URL. Users receive one virtual appliance for scanning non-public-facing assets, the company says.