New model helps companies assess cybersecurity readiness

Security Digest Information security news and advice from TechTarget's network| January 30, 2019 FEATURED STORY Cybersecurity maturity model lays out four readiness levels by Johna Till Johnson, Nemertes Research To assess cybersecurity maturity, Nemertes Research developed a four-point scale to determine a company's ability to effectively detect, understand and contain breaches. (SearchSecurity.com) Advertisement NEWS   Major Apple FaceTime bug allows audio eavesdropping A new major FaceTime bug can allow someone to hear the other party's audio before they answer the call, and the issue was reported to Apple more than a week ago. (SearchSecurity.com)   SafeRide tackles connected vehicle security with machine learning SafeRide's vXRay technology aims to improve security for connected vehicles with unsupervised machine learning. Can it keep hackers out of the driver's seat? (SearchSecurity.com)   Insecure MongoDB databases expose Russian backdoor access A security researcher found more than 2,000 exposed MongoDB databases that revealed a backdoor-access account operated by the Russian government, according to a report from ZDNet. (SearchSecurity.com)   DNS hijack attacks lead to government directive from DHS Following a string of DNS hijack attacks around the globe, the Department of Homeland Security has directed federal agencies to harden defenses against DNS tampering. (SearchSecurity.com)   Google GDPR fine of $57 million sets record The Google GDPR fine of $57 million marks the first time a major tech company has been penalized under Europe's new privacy regulations. But the fine is less than the maximum allowable penalty. (SearchSecurity.com)   Dailymotion credential stuffing attacks lasted more than 6 days Video-sharing website Dailymotion reset passwords for an unknown number of users following 'large-scale' credential stuffing attacks that lasted for more than six days before being stopped. (SearchSecurity.com) EXPERT ADVICE   The evolution of the Let's Encrypt certificate authority Certificate authorities work differently since the open source Let's Encrypt project went into effect. Expert Fernando Gont explains how both CAs and Let's Encrypt operate. (SearchCloudSecurity.com)   How to defend against malicious IP addresses in the cloud Cybercriminals have found a way to use the cloud to mask their locations. Expert Rob Shapland looks at the options organizations have to deal with malicious IP addresses. (SearchSecurity.com)   Purchasing multifactor authentication tools: What to consider Find out what you need to know before investing in a multifactor authentication tool, including the drawbacks and the benefits. (SearchSecurity.com)   How a Windows antimalware tool helps endpoint security The Windows Defender Antivirus program was updated to include sandbox network security. Learn why this is so important and why security professionals have been asking for it. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2019 TechTarget. All rights reserved.