Daily NCSC-FI news followup 2019-07-06

ACSC Releases Updated Essential Eight Maturity Model

www.us-cert.gov/ncas/current-activity/2019/07/05/acsc-releases-updated-essential-eight-maturity-model The Australian Cyber Security Centre (ACSC) has released updates to its Essential Eight Maturity Model. The model assists organizations in determining the maturity of their implementation of the Essential EightACSCs list of the top mitigation strategies to help organizations protect their systems against adversary threats. The model identifies three levels of maturity for each mitigation strategy.. link:

www.cyber.gov.au/publications/essential-eight-maturity-model

Inside Facebooks information warfare team

www.ft.com/content/70b86214-9e77-11e9-9c06-a4640c9feebb Social media giants info ops team is at frontline of its war on disinformation

What if All Your Slack Chats Were Leaked?

www.nytimes.com/2019/07/01/opinion/slack-chat-hackers-encryption.html Unless the company makes changes to its encryption and retention policies, using Slack could put your data at risk.. Slack is one of many Silicon Valley unicorns going public this year, but its the only one that has admitted it is at risk for nation-state attacks.

Beware of Fake Microsoft OneNote Audio Note Phishing Emails

www.bleepingcomputer.com/news/security/beware-of-fake-microsoft-onenote-audio-note-phishing-emails/ This campaign comes in the form of an email with the subject “New Audio Note Received” and claims that you have received a new audio message from a contact in your address book. In order to listen to the message, though, you will need to click on a link to listen to it.

You might be interested in …

Daily NCSC-FI news followup 2019-07-25

The Unsexy Threat to Election Security krebsonsecurity.com/2019/07/the-unsexy-threat-to-election-security/ Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and […]

Read More

Daily NCSC-FI news followup 2020-01-16

APT40 is run by the Hainan department of the Chinese Ministry of State Security intrusiontruth.wordpress.com/2020/01/16/apt40-is-run-by-the-hainan-department-of-the-chinese-ministry-of-state-security/ Either a Hainan intelligence officer has a side-hustle running a business empire of at least 13 fast-growing, high-tech information security companies, and that business empire has a side-hustle recruiting people with knowledge of the languages spoken in APT40 target countries […]

Read More

Daily NCSC-FI news followup 2021-03-08

A Basic Timeline of the Exchange Mass-Hack krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/ Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Heres a brief timeline of what we know leading up to last weeks mass-hack, when hundreds of thousands of Microsoft […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.