U.S. Post Office exposed customer data for more than a year

Security Digest Information security news and advice from TechTarget's network| November 29, 2018 FEATURED STORY USPS website flaw exposed data for one year by Michae Heller, Senior Reporter The U.S. Postal Service inadvertently exposed the data of 60 million users and has only just fixed the underlying website flaw, despite being notified of the issue one year ago. (SearchSecurity.com) Advertisement NEWS   Botnet takedown snares 3ve, Methbot ad fraud campaigns The Justice Department indicted eight individuals accused of running major ad fraud campaigns, including the 3ve botnet, which generated millions of dollars in fake ad revenue. (SearchSecurity.com)   DeepMasterPrints fake fingerprints can fool fingerprint sensors Researchers have developed AI-generated synthetic fingerprints -- known as DeepMasterPrints -- that can spoof biometric scanners and potentially be used to launch practical attacks. (SearchSecurity.com)   Compromised NPM package highlights open source trouble A compromised NPM package targeted a popular bitcoin wallet with cryptocurrency-stealing code and experts say the issue highlights the lack of a chain of trust in open source software. (SearchSecurity.com)   Risk & Repeat: Who's to blame for bad passwords? This week's Risk & Repeat podcast discusses whether users are responsible for creating and reusing weak passwords or if the technology systems themselves are to blame. (SearchSecurity.com) EXPERT ADVICE   Is network traffic monitoring still relevant today? An increase in DNS protocol variants has led to a higher demand for network traffic monitoring. The SANS Institute's Johannes Ullrich explains what this means for enterprises. (SearchSecurity.com)   How bring-your-own-land attacks are challenging enterprises FireEye researchers developed a new technique called bring your own land, which involves attackers creating their own tools. Discover more about how this works with Nick Lewis. (SearchSecurity.com)   How to configure a vTAP for cloud networks A vTAP can give enterprises better visibility into their cloud networks. Expert Frank Siemons of InfoSec Institute explains how virtual network TAPs work and the available options. (SearchCloudSecurity.com)   How did the Emotet banking Trojan lead to a rise in attacks? A report on cybercrime shows a rise in banking Trojans, such as Emotet, targeting businesses over consumers. Malwarebytes' Adam Kujawa shares his thoughts on what's behind this shift. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.