Services PIP America protects the value in your organization by managing operational risk in the cyber era
About Us Our unique partnership of top-tier consultants and U.S. military leaders aims to secure and grow American critical infrastructure, private enterprise and government Find out more about our team
Leadership Team Our people are world-class. Drawn from the highest levels of the U.S military and top-tier industry firms, they have deep industry and implementation experience Meet our Leadership Team
HighlightedPIPers Our people are world-class. Drawn from the highest levels of the U.S military and top-tier industry firms, they have deep industry and implementation experience Meet our Team
Contact Us Thank you for your interest. Get in touch with your questions or feedback Contact us to find out how we can help you
by Dawn Dunkerley Contributing Editor Is AWS Liable in Capital One Breach? – Threatpost Senators penned a letter to the FTC urging it to investigate whether Amazon is to blame for the massive Capital One data breach disclosed earlier this year. Amazon is at least partly to blame for the massive 2019 Capital One breach that impacted more than 100 million customers, senators are alleging. Editor’s note: This particular quote should bring pause to anyone who hands over their cyber security responsibility and visibility to a cloud provider – “Amazon knew, or should have known, that AWS was vulnerable to server-side request forgery [SSRF] attacks,” the senators wrote on Thursday. “Although Amazon’s competitors addressed the threat of SSRF attacks several years ago, Amazon continues to sell defective cloud computing services to businesses, government agencies, and to the general public. As such, Amazon shares some responsibility for the theft of data on 100 million Capital One customers.” Arguments exist for blame to be placed across the spectrum, but the key takeaway is that the blind trust and assumptions often put in their managed service providers need a relook. READ MORE Unsecured Adobe Server Exposes Data for 7.5 Million Creative Cloud Users – The Hacker News The U.S. multinational computer software company Adobe has suffered a serious security breach earlier this month that exposed user records’ database belonging to the company’s popular Creative Cloud service. Editor’s note: Another month, another rash of Adobe issues. READ MORE 5 Things the Hoodie & the Hard Hat Need to Know About Each Other – Dark Reading Traditionally, the worlds of IT (the hoodie) and OT (the hard hat) have been separate. That must change. Editor’s Note: A great article comparing and contrasting Information Technology and Operational Technology environments; I particularly like the point that OT personnel are being pushed to innovate by outside forces that often don’t understand the OT environment. The challenge is aligning this innovation with cybersecurity in a balanced approach. READ MORE Cybercriminals Impersonate Russian APT ‘Fancy Bear’ to Launch DDoS Attacks – Threatpost Attacks are targeting international companies in the financial sector, demanding that victims pay ransom in Bitcoin. Cybercriminals posing as the Russian APT group Fancy Bear have been launching DDoS attacks against companies in the financial sector and demanding ransom payments, according to a new report. Editor’s Note: This is a great example of why it’s important to understand threat actors and how they work; copycats often steal their methodologies, even their names. READ MORE The scariest hacks and vulnerabilities of 2019 – ZDNet Yes, this is one of those end-of-year summaries. And it’s a long one, since 2019 has been a disaster in terms of cybersecurity news, with one or more major stories breaking on a weekly basis. Editor’s Note: A bold move to put out an “end-of-year” summary in October! That being said, a good summary of the year’s events, and very interesting to see how varied the affected industries have become. READ MORE Leave a Reply Cancel reply Your email address will not be published. Required fields are marked *Comment Name * Email * Website
