Windows DNS flaw, Spectre variant 4 fixes released in Patch Tuesday

Security Digest Information security news and advice from TechTarget's network| June 14, 2018 FEATURED STORY Spectre v4 fix and Windows DNS patch in June Patch Tuesday by Michael Heller, Senior Reporter A Windows DNS patch for both desktops and servers headlines Microsoft's June 2018 Patch Tuesday, but the release also includes mitigations for Spectre v4 and more. (SearchSecurity.com) Advertisement NEWS   North Korea hacking threat still looms despite summit Despite a summit between President Trump and North Korean leader Kim Jong Un, the threat of North Korean hacking and cyberespionage still looms large, according to experts. (SearchSecurity.com)   Posting passwords on Trello leads to latest data exposure mess Amazon Web Services and Google Groups have seen data exposures due to poor configurations by users. Now, some have accidentally shared passwords on Trello boards. (SearchCloudSecurity.com)   Apple plans to disable Facebook web tracking capabilities News roundup: Apple wants to protect its users from Facebook web tracking with the next version of Safari. Plus, genealogy website MyHeritage suffers data breach, and more. (SearchSecurity.com)   Weight Watchers exposure due to unsecured Kubernetes console Security researchers discovered an unsecured Kubernetes console leading to a Weight Watchers exposure, but, allegedly, no personal data was leaked as a result of the issue. (SearchCloudSecurity.com)   Apple iOS 12 USB Restricted Mode to foil thieves, law enforcement A rumored security feature, USB Restricted Mode, is making its premiere in Apple's iOS 12 and will protect users from brute-force passcode attacks by thieves and law enforcement alike. (SearchSecurity.com)   Risk & Repeat: More trouble for federal cybersecurity In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent federal cybersecurity report, which found the majority of agencies have significant security gaps. (SearchSecurity.com) EXPERT ADVICE   How lattice-based cryptography will improve encryption As the prospect of quantum computing-based attacks grows, the need for stronger encryption increases. Expert Michael Cobb discusses lattice-based cryptography as an option. (SearchSecurity.com)   Container orchestration: What security professionals need to know Container orchestration is a service enterprises can implement to better manage cloud application security. Expert Ed Moyle reviews what security professionals should know about it. (SearchCloudSecurity.com)   Application security programs: Establishing reasonable requirements Creating security program requirements can be a challenging task, especially with application security. In this tip, Kevin Beaver shares several ways to create an effective program. (SearchSecurity.com)   Golden SAML: How can it abuse SAML authentication protocol? CyberArk researchers created an attack called Golden SAML that uses Mimikatz techniques and applied it to a federated environment. Learn more about the attack with Nick Lewis. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.