Symantec in trouble again over improperly issued certificates

Security Digest Information security news and advice from TechTarget's network | January 25, 2017 FEATURED STORY Certificate Transparency snags Symantec CA for improper certs by Peter Loshin, Site Editor Symantec CA could be in for more trouble after a security researcher, using Certificate Transparency logs, discovered more than 100 improperly issued certificates. (SearchSecurity.com) Advertisement NEWS   Future of the federal CISO position in question as Touhill steps down Retired Brig. Gen. Gregory Touhill stepped down as the federal CISO, leaving questions surrounding the future of the position and the work he has done. (SearchSecurity.com)   Windows 10 security tackles exploits, while Windows 7 gets a warning As Microsoft touted its Windows 10 security features defeating unpatched zero-day vulnerabilities, it also warned customers about security issues with Windows 7. (SearchSecurity.com)   Tatu Ylonen: Bad SSH security practices are exposing enterprises SSH creator Tatu Ylonen talks with SearchSecurity about how the cryptographic network protocol has grown over the years and why poor SSH security is jeopardizing enterprises today. (SearchSecurity.com)   Carbanak gang using Google services for command and control Researchers find the Carbanak gang has evolved its attacks on financial institutions to use Google services for command and control infrastructure in malware. (SearchSecurity.com)   US-CERT reminds users that Windows SMB v1 needs to die Experts say US-CERT is taking advantage of a potential -- but unverified -- vulnerability in Windows SMB v1 to remind enterprise users the outdated service should be disabled. (SearchSecurity.com)   Risk & Repeat: Doxware emerges as a new threat to data privacy In this episode of SearchSecurity's Risk & Repeat podcast, editors discuss the emergence of doxware and extortionware and what that means for enterprises and their employees. (SearchSecurity.com) EXPERT ADVICE   Monitoring outbound traffic on your network: What to look for Outbound network traffic remains a weakness for many enterprises and is a major attack vector. Expert Kevin Beaver explains how to spot irregular occurrences in your network. (SearchSecurity.com)   How to effectively manage the cloud logs of security events Cloud logs of security events produce an abundance of data. Expert Dave Shackleford discusses how to filter through it and get to the important security events. (SearchCloudSecurity.com)   How to develop a strategic security plan for enterprises Developing a strategic security plan for an enterprise can be a complicated task. Expert Ernie Hayden provides an overview to help CISOs make an effective plan. (SearchSecurity.com)   How does Stampado ransomware spread to external drives? The Stampado ransomware is a low-cost threat to networks and external drives. Expert Matthew Pascucci explains how Stampado works and how enterprises should handle it. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2016 TechTarget. All rights reserved.