InfoSec Industry News

August 2018 Edition

  • Singapore’s Largest Healthcare Group Hacked, 1.5 Million Patient Records Stolen:  Singapore’s largest healthcare group, SingHealth, has suffered a massive data breach that allowed hackers to snatch personal information on 1.5 million patients who visited SingHealth clinics between May 2015 and July 2018. So far there's no evidence of who was behind the attack, but the MOH stated that the cyber-attack was "not the work of casual hackers or criminal gangs." | Read more from The Hacker News here.

  • US Computer Emergency Readiness Team (CERT): The US-CERT Cyber-Security Bulletin lists new vulnerabilities each week as recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). The vulnerabilities are listed by severity and are based on the CVE vulnerability-naming standard. This week's US-CERT alerts can be found here. | National Vulnerability Database summary found here
  • Global Shipping Giant COSCO Shut Down by Ransomware: A ransomware attack has crippled the U.S. network of the Chinese shipping giant COSCO. The Chinese Ocean shipping company's US website and email have both been locked down. An internal email confirmed it was a ransomware attack. | Read more from Computer Business Review here.
  • Three Members of FIN7 (Carbanak) Gang Charged with Stealing 15 Million Credit Cards: Three members of the cybercrime gang known as FIN7 and Carbanak have been indicted and charged with 26 felony counts of conspiracy, wire fraud, computer hacking, access device fraud, and aggravated identity theft. The gang stole over a billion euros from banks across the world and stole the credit card records of more than 15 million customers from U.S. companies. | Read more from Security Affairs here.
  • ERP Security Warning as Hackers Step Up Attacks on Systems: The U.S. Department of Homeland Security has warned businesses of the growing risk of attacks targeting enterprise resource planning (ERP) systems. An alert posted by the United States Computer Emergency Readiness Team (US-CERT) warned that attackers are seeking to exploit vulnerabilities in ERP systems to access sensitive information. ERP systems make an appealing target for hackers, as they run business-critical processes and house sensitive corporate information, which can be used for cyber espionage. | Read more from ZDNet here.
  • NCC: Facebook and Google Manipulate Users to Share Personal Data Despite GDPR: Despite the new GDPR law entering into effect across Europe, Facebook and Google are manipulating users into sharing personal data by leveraging misleading wording and confusing interfaces, according to a report by the Norwegian Consumer Council (NCC). The patterns include privacy-intrusive default settings, misleading wording, giving users an illusion of control, hiding away privacy-friendly choices, take-it-or-leave-it choices, and choice architectures where choosing the privacy-friendly option requires more effort from the users. | Read more from Bleeping Computer here.
  • Google Pledges to Foil Phishing Attacks with New Titan Security Key: The Titan Security Key reduces the risk of attackers using stolen credentials to access a user’s account, as the security key is also required to log in. Google says it developed the firmware to verify the integrity of the second-factor login, which uses cryptography to ensure you're logging into the site you registered the key with, and verifies the key is correct. | Read more from ZDNet here.

zDefender® on Splunkbase

  • Did you know CorreLog now has zDefender® available for Splunk?
  • Click here for more info.

Mainframe Security Gap Video

Watch our video explaining the mainframe security gap and how CorreLog reduces risks.



Webinars On-Demand


SHARE.org Webinar "GDPR Compliance for Mainframe Data" with CorreLog/Infotel

Learn more about the finer points of the GDPR as it relates to mainframe data compliance, with a focus on a new role in IT required by the regulation, the Data Protection Officer. Watch here.


"PEN Testing z/OS" with Phil Young

Learn more about z/OS Pen Testing with esteemed mainframe security researcher Philip Young, detailing how each attack is detectable up-to-the-second in your distributed SIEM. Watch here. 


Latest Resources


MAINFRAME SECURITY WHITEPAPERS:

“Impact from the New GDPR: Countdown begins...”
Click here to download.

“Real-time Mainframe SIEM 101: Mainframe Cyber Threat is Real”
Click here to download.


InfoSec Industry Events

  • September 4-9: SANS Tampa-Clearwater 2018 | Hyatt Regency Clearwater, Clearwater, FL | Event Link
  • September 9: BSides St. Louis | Moolah Shrine, St. Louis, MO | Event Link
  • September 8-10: International Conference on Computing and Big Data (ICCBD) | College of Charleston, Charleston, SC | Event Link
  • September 13-14: Hacker Halted USA | Georgia International Convention Center, Atlanta, GA | Event Link
  • October 17-18: Cyber Security Atlanta | Georgia World Congress Center, Atlanta, GA | Event Link

CorreLog Product News

CorreLog, Inc. Partners with BMC, Adding the Mainframe Event Logging Capability of CorreLog zDefender™ to Extend Real-time Security Visibility into BMC Customers' SIEM Solutions and SOCs.

  • CorreLog zDefender™ will deliver real-time security event messages from RACF®, CA ACF2™, Top Secret®, Db2, and other IBM® z/OS® sub-systems into BMC clients’ existing Security Information and Event Management or SIEM systems and IT SOCs.
  • BMC clients will have a 360-degree view into their mainframe security compliance with a complete picture of privileged user activity, including all successful logins, session keyboard commands, specific data viewed and accessed, and more.
  • Click here to read more.

CorreLog, Inc. Announces General Availability of its Latest Release of zDefender® Version 5.8.3, for Real-time Security and Compliance Monitoring on IBM® z/OS® 

  • This latest release features enhancements to events from Compuware and Micro Focus.
  • Now supports z/OS console messages and JES JOBLOG SYSOUT to allow the capture of additional events that do not go through IBM®’s z/OS System Management Facility or SMF.
  • Click here to read more.

About CorreLog

Since 2007, CorreLog, Inc. has been committed to delivering software solutions for Security and Compliance auditing professionals who need more advanced network/system security and improved adherence to PCI DSS, HIPAA, SOX, FISMA, GDPR, ISO 27001, IRS Pub. 1075, NERC, and other industry standards for protecting data. Our solutions are designed to be complementary to clients' existing IT investments.

CorreLog specializes in providing the most comprehensive Security & Compliance software at the industry's lowest Total Cost of Ownership. Our solutions help secure data across both mainframe and distributed operating systems, and provide alerts with notifications in real-time to security and network operations resources. CorreLog has worked with companies from the Fortune 500 to SMB class, all of whom benefit from our ease of installation and highly interoperable approach to building software that is simple to use and master out of the box. Our customers are up and running with monitoring and alerts within just a few hours, versus weeks or even months with competing enterprise vendor solutions. Our software agent monitoring technology spans from Windows, Linux, UNIX, Mac, SAP, and databases all the way up to the largest mainframes running IBM® z/OS®, Linux on z Systems, IBM® Db2, IBM® IMS™, and IBM® z/VM.

CorreLog has installed software and framework components used successfully by hundreds of commercial and government organizations worldwide. Our core solutions provide visibility on privilege-user activity, data integrity, FIM and application activity that may hold evidence of cyber threat, and in real time, we notify security personnel with alerts in accordance with compliance standards. For more information on CorreLog, please visit CorreLog.com.