A quick Saturday digest of cybersecurity news articles from other sources.
Think Like a Manager for the CISSP
I picked this up on Reddit/r/CISSP.
Equifax surveilled 1,000 remote workers, fired 24 found juggling two jobs
Equifax used its own worker surveillance product to spy on workers fired.
Hundreds of thousands of Americans juggled two full-time jobs in September, and nearly 4 million more mixed full-time with part-time work, the Bureau of Labor Statistics reported. This “overemployment” trend has become so popular through the pandemic that Wired reported that some workers described holding down two jobs as the cure to burnout experienced from having just one job. For remote workers, in particular, the ability to generate extra income by doing two jobs at once became so normalized, The Washington Post reported last week, that some remote workers considered it “fair” to hide a second job from their primary employers.
Some remote workers learned the hard way that not all employers consider it fair, though. This week it was reported that the credit-reporting service Equifax proved unwilling to sit idly by as its employees attempted to keep second jobs on the sly. According to Business Insider, Equifax “used one of its own products, The Work Number, to help it suss out who was holding down multiple jobs simultaneously” and then fired 24 out of 25 remote workers that its investigation uncovered. Some Equifax remote workers were juggling as many as three jobs. More…
Women in Cryptology – USPS celebrates WW2 codebreakers
What did you do in the war, Mom? Oh, y’know, a bit of this and that…
The US Postal Service just issued a commemorative stamp to remember the service of some 11,000 women cryptologists during World War 2.
Like their Bletchley Park counterparts in the UK, these wartime heros didn’t finish the war with any sort of hero’s welcome back into civilian life.
Indeed, they got no public recognition at all for the amazing physical and intellectual effort they put into decrypting and decoding enemy intelligence.
Make no mistake, this work helped enormously towards the ultimate Allied victory over both the Nazis in Europe and the Imperial Japanese in the Pacific.
As the US Post Office puts it:
“Sworn to secrecy under penalty of treason, the women cryptologists of World War II remained silent about their crucial and far-reaching contributions for decades. Today, they are widely considered STEM pioneers, especially because their wartime work coincided with the development of modern computer technology. Their contributions opened the door for women in the military and have helped shape intelligence and information security efforts for future generations.”
CISA Releases Two Industrial Control Systems Advisories
Original release date: October 18, 2022
CISA released two Industrial Control Systems (ICS) advisories on October 18, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations:
Share
OCT
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com