Welcome to another edition of the Infosec Monitor. A weekly newsletter covering what's happened, what's happening, and what's coming in cybersecurity.

In this week's edition of the Infosec Monitor: US Navy making key changes to cybersecurity approach, North Korea has stolen $3B in cryptocurrency, organizations are less likely to fire security professionals post breach, and more.

News

US Navy seeks to strengthen cybersecurity posture.

The US Navy is ramping up its cybersecurity game, recognizing that digital threats are as significant as physical ones. They're moving away from just ticking boxes for security standards and instead focusing on being ready to respond to real cyber threats. This means training everyone, from sailors to officers, in cyber awareness, updating their tech to be more secure, and working closely with other organizations to strengthen their cyber defenses. In a nutshell, the Navy is adapting to ensure that their ships and systems are as tough in the cyber world as they are at sea. Homeland Security Today Defense.gov

CISA and NCSC release AI secure guidelines

The US and the UK have co-authored guidelines for secure AI systems. The guidelines do not offer any regulations and are focused on building secure AI systems. The guidelines provide recommendations covering the entire lifecycle of an AI, including Secure design, secure development, secure deployment, and secure operations. Dark Reading CISANCSC

North Korea has stolen over $3B in cryptocurrency in the last 6 years

The US Treasury has sanctioned the cryptocurrency mixer Sinbad. A mixer is a service that obscures the origins of digital currencies. In the sanction, it's revealed that North Korea has stolen over $3B in cryptocurrency in the past 6 years, with over a quarter of that in 2022. The Hacker News

Interesting analysis of the MGM hack; what'd everyone get wrong?

What's old is new again? The MGM hack reveals hackers are once again breaching corporate networks through simple phone calls to help desks. This attack, blending social engineering with ransomware, exposes significant security gaps in identity verification and IT protocols. The article delves into the intricate details of the hack and underscores the emerging importance of device trust in cybersecurity. Kolide

Significant decrease in post-breach firings

Has the age of firing the CISO and other security leaders when a breach occurs expired? It didn't help at Clorox, but new research shows that more organizations are moving away from the blame game. The study shows that breach events led to firings at 13% of organizations, down from 31% the previous year. SC Magazine

Cyber Security Incidents

GE & DARPA Research Data Breached by IntelBroker

National defense contractor General Electric (GE) has been hacked, and classified research with DARPA, access credentials, SQL files, and more were stolen. Worry about follow-on attacks using the stolen GE credentials has been expressed since the hacker group IntelBroker is advertising the sale of the data. Dark Reading

The impact of the Okta breach expanded to all customer support users

Okta's breach, now two months ago, continues to grow as they announced this week that in addition to 1% of companies being impacted, it also included all customer support users. The expanded data included names and emails only. Reuters Bloomberg (Subscription Required)

Philadelphia and Texas water municipalities hacked

The attacks caused the Philadelphia municipality to stop service temporarily. The Texax municipality was hit by ransomware, impacting 33,844 sensitive data files. Ars Technica

AboutCybersecurity is at a crossroads, changing more rapidly than we believed was possible just a few years ago. Stay informed on what's going on, what's happened, and what's coming next.I'm Bryan Smith, the author of the Infosec Monitor. I've spent over a decade pioneering changes in how cybersecurity is managed. From helping create the first cyber risk quantification (CRQ) software to advising how to approach cybersecurity pragmatically and proactively.

Data & Research

70% Increase in Unique Malware

According to new research by Blackberry, the three-month period June-August saw a significant increase in unique malware. The majority of attacks have been in the US and against Healthcare. Followed up by Japan and Finance. BlackBerry

Widespread adoption expected in AI cybersecurity tooling

ArticWolf has new research on AI adoption in cybersecurity. 64% of the 800 respondents state that their organizations are highly likely to adopt AI-centric solutions. Arctic Wolf

Cybersecurity M&A

BlueVoyant acquires Conquest Security, Raises $140M in Series E. CRN

Thank you for reading Infosec Monitor. This post is public so feel free to share it.