Wednesday, December 19, 2018

Congressional report finds Equifax breach was enabled by litany of security failures

Security Digest
Information security news and advice from TechTarget's network| December 19, 2018
TechTarget
FEATURED STORY
Equifax breach report highlights multiple security failures
by Michae Heller, Senior Reporter
An Equifax breach report, based on a government investigation, blamed the incident on multiple security failures and concluded the breach was preventable. (SearchSecurity.com)
Advertisement
NEWS
 
Initial RSA Conference 2019 keynote lineup released
RSA Conference 2019's diversity and inclusion initiative appears to be paying off, as the initial keynote speaker lineup has equal representation for men and women speakers. (SearchSecurity.com)
 
Risk & Repeat: NRCC breach stokes election security fears
This week's Risk & Repeat podcast looks at the recently disclosed cyberattack on the National Republican Congressional Committee and the questions that remain about it. (SearchSecurity.com)
 
Facebook API bug exposed photos of 6.8 million users
GDPR regulators are already investigating a new Facebook API bug the social media giant announced Friday that might have exposed photos belonging to up to 6.8 million users. (SearchSecurity.com)
 
Operation Sharpshooter targets infrastructure around the world
Operation Sharpshooter is a recently discovered global cyberattack campaign targeting critical infrastructure organizations, including nuclear, defense and financial companies. (SearchSecurity.com)
 
Project Zero finds Logitech Options app critically flawed
Tavis Ormandy of Google's Project Zero discovered a serious authentication vulnerability in Logitech's Options application, but the peripheral device maker has yet to address the flaw. (SearchSecurity.com)
 
Huawei bans set to continue despite lack of supporting evidence
As the number of countries with Huawei bans in place grows, and more issue warnings, a German investigation found no evidence of spying to support the fear. (SearchSecurity.com)
EXPERT ADVICE
 
How hackers use Docker APIs for cryptojacking
Remote access puts Docker APIs in a vulnerable position. Expert Dave Shackleford explains how hackers abuse Docker APIs to carry out cryptojacking attacks. (SearchCloudSecurity.com)
 
Kronos banking Trojan: How does the new variant compare?
Proofpoint researchers found a Kronos variant after it targeted victims in Germany, Japan and Poland. Learn how this variant compares to the original banking Trojan with Nick Lewis. (SearchSecurity.com)
 
How a flaw in Apple DEP misuses an MDM server
Hackers are able to enroll their devices in an organization's MDM servicer via a flaw in Apple DEP. Expert Michael Cobb explains how hackers conduct these attacks. (SearchSecurity.com)
 
How to ensure your enterprise doesn't have compromised hardware
Enterprise protections are crucial in order to guarantee the safety of your hardware. Discover best practices to guard your enterprise's hardware with Nick Lewis. (SearchSecurity.com)
About This E-Newsletter
This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for.

TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com

Copyright 2018 TechTarget. All rights reserved.
TechTarget

No comments: