Home / Email Newsletter for September 25, 2020

Email Newsletter for September 25, 2020

Posted by Omnistruct Marketing on Sep 25, 2020 5:38:53 PM
Cybersecurity news that matters for the week ending Sept 18. The cybersecurity month is coming next month!

Cybersecurity News of the Week, September 25, 2020


NIST 800-53 Revision 5 is now Final!

Omnistruct will be evaluating the changes over the next 3 weeks to upgrade their existing customers and to help ensure compliance with the new revision of the NIST 800-53 guidelines. Customers already on 800-53 maintenance will automatically be upgraded to the latest revision.


New Known Breaches in the Past Week

MU Health Care says up to 180,000 patients impacted by data breach

MU Health Care announced Friday that a data breach may have included information of around 180,000 patients. MU said it had determined that unauthorized persons gained access to six employee email accounts which held patient information through an email phishing incident between May 4-6 earlier this year. By: Dani Major - September 18, 2020


Montefiore employee terminated after data breach affected up to 4,000 patient records

On Friday, Montefiore Medical Center alerted patients that a former employee had recently stolen personal information from roughly 4,000 patient records, which led Montefiore to terminate the employee upon learning of the security breach and potential identity theft. By Jeff Lagasse | September 21, 2020


Hacker Breached 540,000 Referees, League Officials, and School Representatives for Ransom and Won

A particular company that actually provides software for a few sports leagues all the way to managing referees and game officials has just recently disclosed that an actual security incident has impacted about 540,000 of the members that have registered consisting of league officials, referees, and also school representatives. By Urian B. Tech Times | September 22, 2020


Senators Probe VA After Data Breach Affecting 46K Veterans, 17K Providers

A group of Democratic Senators led by Jon Tester, D-Montana, is demanding answers from the Department of Veterans Affairs after a reported data breach that impacted the personal and health information of about 46,000 veterans and 17,000 community care providers. By Jessica Davis | September 22, 2020


MultiCare warning patients of data breach impacting roughly 300,000 people

MultiCare says the worldwide data security breach impacted Blackbaud Inc., a platform is used by MultiCare Foundations, as well as other non-profits, for engagement and fundraising purposes. The breach affected more than 25,000 non-profit organizations across the world. By Emily Oliver | September 22, 2020


Call Of Duty Accounts Hacked? Activision Denies Any Compromise

According to reports, more than 500,000 Activision accounts may have been hacked with login data compromised. The eSports site Dexerto has reported that a data breach occurred on Sunday, September 20. The credentials to access these accounts are, Dexerto said, being leaked publicly, and account details changed to prevent easy recovery by the rightful owners. By Davey Winder | September 21, 2020


California Elementary Kids Kicked Off Online Learning by Ransomware

As students head back to the classroom, the spate of ransomware attacks against schools is continuing. The latest is a strike against a California school district that closed down remote learning for 6,000 elementary school students, according to city officials. By Tara Seals | September 17, 2020


General Cybersecurity News

Cybersecurity in Power: Macroeconomic Trends

The growth in cyberwarfare and the rapid proliferation of smart and connected grid components will mean that investment in cybersecurity will remain a top priority for utility IT departments. By GlobalData Thematic Research | 22 September 2020


Being Cyber Resilient Is Critical for the Maritime Industry

Cyber-attacks against maritime and shipping organizations are only increasing. Notwithstanding the IMO’s requirement for organizations in this sector to achieve cyber resilience by 2021, more and more entities are being crippled by malicious attacks. By Anastasios Arampatzis | September 22, 2020


Cybersecurity experts: Requesting ballots by email is safe

COLUMBUS, Ohio — A group of leading cybersecurity experts told an Ohio court that absentee ballot applications can be safely transmitted using email, countering the secretary of state's assertions that the practice would open up voting in the presidential battleground to outside interference. By Julie Carr Smyth | September 22, 2020


Kognos Emerges from Stealth, Launches Cybersecurity Industry’s First Autonomous XDR Platform to Track Attacker Campaigns with Security-Aware AI

Kognos, creators of the cybersecurity industry’s first autonomous XDR investigator platform, today launched the Autonomous XDR Investigator, a platform backed by security-aware AI that empowers customers to automatically detect, investigate and respond to attack campaigns in real time. By Deb Schalm on September 22, 2020


Cyber Operatives Target US Voting Systems

Increased security measures are not stopping cyber operatives from looking for ways to break into critical U.S. voting systems, according to officials charged with safeguarding the nation's Nov. 3 presidential election. By Jeff Seldin | September 22, 2020


BlueVoyant Research Reveals That 92% of US Organizations Have Experienced a Breach Because of Weaknesses in Their Supply Chain

BlueVoyant, a global, expert-driven cybersecurity services company, today released the US findings of its global study into third-party cyber risk management. The study reveals that 92% of US organizations surveyed had experienced a cybersecurity breach that originated from vulnerabilities in their vendor ecosystem in the past 12 months. The average respondent's organization had been breached in this way 3.1 times, which was the highest out of all the countries surveyed. By RNewswire | September 23, 2020

Small Business Cybersecurity Concerns


ESET Launches Cyber Security Products Bundle for Small Business

ESET just launched its ESET Remote Workforce Offer. This bundle of security products can help small and medium-sized businesses prevent ransomware and malicious threats to protect remote workers. By Michael Guta | September 20, 2020


GCA Updates Cybersecurity Toolkit for Small Business

The Global Cyber Alliance (GCA), an international nonprofit dedicated to reducing cyber risk, announced today the release of an updated version of its Cybersecurity Toolkit for Small Business. This new edition builds on the original toolkit, released in February 2019, with an improved user experience and expanded educational resources. By Global Cyber Alliance | September 23, 2020


Virtual Small Business Cybersecurity Summit

The 2020 Small Business Cybersecurity Summit is a 3-hour virtual workshop showcasing information and resources that small & medium-sized businesses can put into action to improve their security. September 23, 2020

CVE Announcements This Week


Zerologon explained: Why you should patch this critical Windows Server flaw now

Attackers have learned how to exploit the Zerologon vulnerability in Windows Server, potentially gaining domain admin control. By Lucian Constantin | September 23, 2020


CISA Joins MITRE to Issue Vulnerability Identifiers

The US Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) has taken over responsibility for assigning Common Vulnerability Enumeration (CVE) identifiers for software vulnerabilities in two specific industries — medical devices and industrial control systems — as part of a planned expansion in the number of organizations managing vulnerability information, according to CISA and government contractor MITRE. By Dark Reading | September 16, 2020


PiiQ Media Releases Fortune 100 Company Executive Cyber Risk Report

PiiQ Media concludes a cyber security risk assessment of exposed online PII for top executives across all US Fortune 100 companies. The assessment was conducted using PiiQ Media’s Threat Intelligence software, automating risk analysis and scoring of exposed PII across the top social media platforms. The results underscore the extreme weakness in personal social media, email, and password security. By Business Wire | September 23, 2020


MSP News


Masergy Named Most Innovative Managed SD-WAN Service Provider by Frost & Sullivan

Masergy, the software-defined network and cloud platform for the digital enterprise, today announced it has been named as most innovative in the Frost & Sullivan report, “Frost Radar: North American Managed SD-WAN Services Market, 2020.” Frost & Sullivan evaluated nine SD-WAN managed service providers and positions Masergy as the leader in the Innovation Index, outpacing the industry’s largest providers. By Business Wire | September 22, 2020


Mission Launches Managed Service for AWS Threat Detection & Incident Response

Mission, a managed cloud services provider and Premier Consulting Partner in the Amazon Web Services (AWS) Partner Network (APN), today announced the launch of Mission MDR, a fully-managed threat detection and incident response solution delivered by Mission’s team of AWS-certified cloud experts. Mission MDR is powered by Alert Logic’s industry-leading solution with its award-winning technology platform, cutting-edge threat intelligence, and expert security defenders. By Globe Newswire | September 23, 2020

Cyber Insurance News


First Charges Filed Under New York’s Cyber Reg Involve First American Data Leak

The New York State Department of Financial Services (DFS) filed cybersecurity charges against a title insurance provider for exposing millions of documents containing consumers’ personal information. By Elizabeth Blosfield | September 21, 2020


USI Affinity, Crum & Forster to Provide Cyber Coverage to American Bar Association Law Firms

USI Affinity and the American Bar Association (ABA) have partnered with Crum & Forster to offer a cyber liability insurance program for law firms nationwide. As the broker for the ABA Insurance Program, USI Affinity now offers access to this new cyber liability program designed for law firms. By Daniyal | September 21, 2020

Regulations, Frameworks, and Controls


16 Ways Tech Leaders Can Keep Up With Data Privacy Laws

As consumers and businesses alike become increasingly concerned with how their information is being used, data privacy regulations are coming online both overseas and in the U.S. However, there is currently no single, universal law that dictates data protection, so tech leaders have to take extra care to stay “in the know.” By Forbes Technology Council | September 22, 2020


A guide to the NIST Cyber Security Framework

One of the main ways in which businesses measure their preparedness in managing cyber-related security risks is to benchmark themselves against the Cybersecurity Framework developed by the NIST (National Institute of Standards and Technology, U.S. Department of Commerce). With cybersecurity threats growing exponentially, it has never been more important to put together an efficient cyber risk management policy – the NIST Framework can help businesses do so. By Julian Hall | September 24, 2020


Would you like to learn more?


Omnistruct Marketing