Congressional report finds Equifax breach was enabled by litany of security failures

Security Digest Information security news and advice from TechTarget's network| December 19, 2018 FEATURED STORY Equifax breach report highlights multiple security failures by Michae Heller, Senior Reporter An Equifax breach report, based on a government investigation, blamed the incident on multiple security failures and concluded the breach was preventable. (SearchSecurity.com) Advertisement NEWS   Initial RSA Conference 2019 keynote lineup released RSA Conference 2019's diversity and inclusion initiative appears to be paying off, as the initial keynote speaker lineup has equal representation for men and women speakers. (SearchSecurity.com)   Risk & Repeat: NRCC breach stokes election security fears This week's Risk & Repeat podcast looks at the recently disclosed cyberattack on the National Republican Congressional Committee and the questions that remain about it. (SearchSecurity.com)   Facebook API bug exposed photos of 6.8 million users GDPR regulators are already investigating a new Facebook API bug the social media giant announced Friday that might have exposed photos belonging to up to 6.8 million users. (SearchSecurity.com)   Operation Sharpshooter targets infrastructure around the world Operation Sharpshooter is a recently discovered global cyberattack campaign targeting critical infrastructure organizations, including nuclear, defense and financial companies. (SearchSecurity.com)   Project Zero finds Logitech Options app critically flawed Tavis Ormandy of Google's Project Zero discovered a serious authentication vulnerability in Logitech's Options application, but the peripheral device maker has yet to address the flaw. (SearchSecurity.com)   Huawei bans set to continue despite lack of supporting evidence As the number of countries with Huawei bans in place grows, and more issue warnings, a German investigation found no evidence of spying to support the fear. (SearchSecurity.com) EXPERT ADVICE   How hackers use Docker APIs for cryptojacking Remote access puts Docker APIs in a vulnerable position. Expert Dave Shackleford explains how hackers abuse Docker APIs to carry out cryptojacking attacks. (SearchCloudSecurity.com)   Kronos banking Trojan: How does the new variant compare? Proofpoint researchers found a Kronos variant after it targeted victims in Germany, Japan and Poland. Learn how this variant compares to the original banking Trojan with Nick Lewis. (SearchSecurity.com)   How a flaw in Apple DEP misuses an MDM server Hackers are able to enroll their devices in an organization's MDM servicer via a flaw in Apple DEP. Expert Michael Cobb explains how hackers conduct these attacks. (SearchSecurity.com)   How to ensure your enterprise doesn't have compromised hardware Enterprise protections are crucial in order to guarantee the safety of your hardware. Discover best practices to guard your enterprise's hardware with Nick Lewis. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.