Welcome to The Tanium 10, our weekly roundup of the news that matters most to security and IT professionals. Each week, we spotlight the 10 stories, trend reports, and research that caught our eye—all to help you keep up with what’s happening in our fast-paced industry. We value your feedback. Once you’ve read this week’s insights, please email me here and tell me what you think.
Were you at Black Hat in Las Vegas this week? Team Tanium was there. Truth be told, we’re still digesting all we saw and learned. Here are three of our favorite things: Facebook’s CSO Alex Stamos reminding us to practice empathy so we can understand why people fall victim to technically unsophisticated attacks; security researcher Nitay Artenstein’s presentation on flaws in Broadcom WiFi chips, which potentially leave a billion smartphones vulnerable to hacking; and the big reveal of the stingray cellular network security flaw.
And, if you’re riding out the rest of the week in Vegas by attending DEF CON 25, keep an eye out for tomorrow’s anticipated disclosure of a 20-year-old Windows SMB vulnerability.
Need a laugh? Take a gander at these IT pros in predicaments.
Here’s something else to boost your spirits: Dharavi Diary is teaching coding to underprivileged kids in one of Mumbai’s largest slums. Seventeen-year-old Ansuja Madival, one of the program’s first members, created the Women Fight Back app. Available on the Google Play store, it allows the user to set off distress alarms and send SMS alerts when facing danger.
If you’re planning to leave your organization for a new gig, don’t do it like this.
A.P. Moller-Maersk A/S and FedEx’s TNT unit, which were among the companies hit by last month’s NotPetya ransomware attack, are on the road to recovery, though the after-effects linger. Maersk is grappling with the limits of manual processing in some of its location, and FedEx says it may never be able to fully restore all of the affected systems. Meanwhile, Europol warns of escalating ransomware threats.
Good information security starts with good physical security. It’s one of 10 IT tenets that stand the test of time.
The U.K. government is launching the Cyber Schools Programme later this year to provide training to 6,000 kids aged 14-18. The effort is intended “to make sure the UK is prepared for the future and ready to tackle the growing threat posed by cyber criminals.”
NIST Framework updates are on the horizon. New drafts of the cybersecurity framework are due this fall, with the final version to be released in 2018. The updates are expected to clarify the section on measuring cybersecurity, introduce new authentication method descriptions, and add new language on cyber supply chain risk management. The organization will also evaluate, and potentially update, language throughout the document with an eye toward better accommodating IoT and Industrial Control Systems.
If you’re wondering how much time you have left before support lifecycles end for your organization’s various versions of Microsoft Windows and Office, check out this handy guide.
Don’t let counterfeit eyewear derail your Aug. 21 solar eclipse-watching plans.
Like what you see? Click here and sign up to receive The Tanium 10 in your inbox every Friday.