Here are the top cyber news and stories of the day.
- Evernote Hack Exposes User Data, Forces Extensive Password Resets - If you are an Evernote user, chances are you got quite the shock this weekend. Evernote forced a manual reset for all of its users, and “About 50 million passwords have been changed following the breach. The hackers accessed usernames, email addresses and encrypted passwords. The company is now requiring its users to update their passwords. To facilitate this, Evernote is releasing app updates.” Via Threat Level, more here.
- CSA: What are 2013’s top cloud security threats? The Cloud Security Alliance (CSA) has released their “notorious nine” threats for cloud computing in 2013. The list is headlined by data loss and data breaches, but also includes problems such as insecure APIs (and six others).
- How to use the rogue cloud to innovate the right cloud – Many IT employees are circumventing controls to use public clouds to help them innovate. This increases the attack surface of a firm, without the IT department realizing the issues. However, there are ways to turn the use of rogue clouds into a capability multiplier. Integrating cloud services, even as testbeds or sandboxes will add a great deal of value to IT departments. Via ComputerWorld, more here.
- Budget cuts bite into cybersecurity – ‘”resource crunch we’re all facing today, whether that’s sequestration or whether that’s just the fact that IT budgets are getting rounded down,” said Jeff Eisensmith, chief information security officer at the Department of Homeland Security.’ This very real resource crunch is taking away from discretionary spending, one source of income from which many cyber programs are funded. Via Federal Times, more here.
- Cloud use grows, and so does security threat – Security researchers and professionals are pointing to a recent rash of cloud breaches as evidence of the lack of foresight and care paid to cloud programs. Research suggest cloud subscribers will reach 1.3B in 2017, up from the 625M currently subscribing. While clouds can surely be capability multipliers, they must be integrated smartly and sanely. Via Mercury News, more here.