Windows patch fixes critical cryptography bug reported by NSA

Security Digest: A roundup of security technology content from TechTarget

Security Digest Information security news and advice from TechTarget's network |January 22, 2020 FEATURED STORY NSA reports flaw in Windows cryptography core by Michael Heller, Senior Reporter Microsoft patched a critical vulnerability in how Windows validates cryptographic certificates that could lead to dangerous attacks, according to experts, and was originally reported by the NSA. Advertisement NEWS   Unpatched Citrix vulnerability expands as mitigations fall short Citrix discovered another product affected by last month's vulnerability, while security researchers found an attacker blocking exploits of the vulnerability.   CyCognito turning tables by using botnets for good In this Q&A, CyCognito CEO Rob Gurzeev discusses how the platform's attack simulations work and how he plans to spend the company's recent round of funding.   McAfee CEO Chris Young steps down, Peter Leav to take over Chris Young has stepped down as McAfee CEO, and Peter Leav is taking his place. Young led the company's spin-out from Intel in 2016 after joining the chip maker two years earlier.   High-street banks face disruption three weeks after Travelex hack Travelex's foreign exchange services are still disrupted, three weeks after the company received a $6 million ransom demand from cyber gangsters. EXPERT ADVICE   Lyft's open source asset tracking tool simplifies security Security teams need information and context about data in order to keep it safe. Learn how Cartography, Lyft's open source asset tracking tool, creates highly comprehensive maps.   Compare container security companies for the best protection Securing containers can be a challenge when faced with buying the right platform. Discover these container security companies and their capabilities in this graphic.   Application security testing calls for a change in attitude It's time to take a new attitude toward application security. Learn what must be tested and the specific steps that will take your apps from vulnerable to fortified.   Craft an effective application security testing process For many reasons, only about half of all web apps get proper security evaluation and testing. Here's how to fix that stat and better protect your organization's systems and data.   Building an effective security operations center framework An effective security operations center framework includes more than just monitoring and analysis. AI and machine learning can also play a role.   Understanding the CSA Cloud Controls Matrix and CSA CAIQ Uncover how the CSA Cloud Controls Matrix and CSA CAIQ can be used to assess cloud providers' controls and risk models, ensure cloud compliance and more. About This E-Newsletter The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2019 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List