Cybersecurity workforce shortage at nearly 500,000 in North America, according to (ISC)2

Security Digest Information security news and advice from TechTarget's network| October 24, 2018 FEATURED STORY (ISC)2: Cybersecurity workforce shortage nears 3 million worldwide by Kathleen Richards, Features Editor With a workforce in short supply, the skills gap has affected the professional growth of security pros worldwide, an (ISC)2 Cybersecurity Workforce Study found. (SearchSecurity.com) Advertisement NEWS   Healthcare.gov breach exposes data on 75,000 people Malicious actors attacked a back-end insurance system and the resulting Healthcare.gov breach exposed an unknown amount of data on 75,000 people. (SearchSecurity.com)   Facebook hack the work of spammers, not foreign adversary News roundup: The Facebook hack was the work of spammers, according to The Wall Street Journal. Plus, 35 million voter records are for sale on the dark web, and more. (SearchSecurity.com)   Zero-day jQuery plugin vulnerability exploited for 3 years A zero-day in jQuery File Upload could affect thousands of projects because the jQuery plugin vulnerability has existed for eight years and actively exploited for at least three years. (SearchSecurity.com)   GreyEnergy threat group detected attacking high-value targets Researchers claim a new threat group called GreyEnergy is the successor to BlackEnergy, but experts are unsure if the evidence supports the claims or warnings of future attacks. (SearchSecurity.com)   New libSSH vulnerability gives root access to servers A 4-year-old libSSH vulnerability can allow attackers to easily log in to servers with full administrative control, but it is still unclear exactly how many devices are at risk. (SearchSecurity.com)   Risk & Repeat: Military cybersecurity scrutinized in GAO report This week's Risk & Repeat podcast discusses the GAO report on vulnerabilities and weaknesses in modern weapons systems and what they mean for the U.S. military. (SearchSecurity.com) EXPERT ADVICE   The implications of the NetSpectre vulnerability The NetSpectre vulnerability could enable a slow leak of data remotely via side channels. Expert Michael Cobb explains why data on secure microprocessors is not actually safe. (SearchSecurity.com)   The time to consider SIEM as a service has arrived Now even your SIEM comes in the as-a-service model. Assess whether it's time to consider outsourcing this fundamental tool in your defense lineup. (SearchCloudSecurity.com)   How to monitor AWS credentials with the new Trailblazer tool A security researcher introduced a tool called Trailblazer, which aims to simplify monitoring AWS credentials. Expert Dave Shackleford explains how it can bolster cloud security. (SearchCloudSecurity.com)   What are DMARC records and can they improve email security? Last year, the U.S. federal government mandated that by October 2018, all agencies must have DMARC policies in place. Learn how complicated this requirement is with Judith Myerson. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.