Cat-astrophic 'meow' database attacks continue; Plus, vishing warning issued

Security Digest: A roundup of security technology content from TechTarget

Security Digest Information security news and advice from TechTarget's network |August 26, 2020 FEATURED STORY 'Meow' attacks top 25,000 exposed databases, services by Arielle Waldman, News Writer One month after the notorious 'meow' attacks were first detected, the threat to misconfigured databases exposed on the internet shows little sign of slowing down. Advertisement NEWS   FBI and CISA issue vishing campaign warning The FBI and CISA have issued a joint advisory related to a vishing campaign that began in mid-July, with numerous attacks that gained access to corporate VPN credentials.   Apache Struts vulnerabilities allow remote code execution, DoS The Apache Software Foundation issued security advisories last week for two Apache Struts vulnerabilities that were originally patched but not fully disclosed last fall.   Claroty: 70% of ICS vulnerabilities are remotely exploitable Out of 365 ICS vulnerabilities that were disclosed by the National Vulnerability Database in the first half of 2020, Claroty found more than 70% can be remotely exploited.   Microsoft wins on public cloud trust IT spending is set to grow in 2021, with many organizations buying more public cloud services. Security and trust are top buying criteria. EXPERT ADVICE   The 7 elements of an enterprise cybersecurity culture An effective 'human firewall' can prevent or mitigate many of the threats enterprises face today. Adopt these seven elements of a culture of cybersecurity to defend against risks.   Zero-trust use cases highlight both its benefits and misconceptions For many organizations, zero trust remains an abstract security idea. Zero-trust use cases demonstrate the concept's real-world benefits but also expose its drawbacks.   Getting physical with data center security Whether it is natural disasters, terrorism or break-ins, data centers will be vulnerable to a range of risks unless they are physically secured. Here's how you can improve the physical security of your data center.   Enterprise cybersecurity hygiene checklist for 2020 Cybersecurity hygiene in the enterprise must be a shared responsibility between employees and employers. Follow these steps to get the job done by both.   Cybersecurity new normal needs change in process, CISOs say As CISOs face an increasingly remote workforce, they need to confront past security mistakes, while adjusting to cybersecurity's new normal.   CISSP practice exam questions and answers Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill. About This E-Newsletter The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2020 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List