Data breach settlement will cost Equifax up to $700 million

Security Digest Information security news and advice from TechTarget's network | July 24, 2019 FEATURED STORY Researchers fool Cylance AI antimalware with 'simple' bypass by Michael Heller, Senior Reporter Security researchers developed a method to make "pure AI" antimalware products classify malware as benign, but it is unclear what antimalware solutions could be considered "pure AI." (SearchSecurity.com) Advertisement NEWS   Equifax to pay up to $700 million in data breach settlement Under the settlement with the FTC and state attorneys general, Equifax will fork over at least $575 million in civil penalties and provide credit monitoring services to consumers. (SearchSecurity.com)   BlueKeep blues: More than 800,000 systems still unpatched Despite alerts from Microsoft and the U.S. government, more than 800,000 online systems have yet to patch the Windows RDP vulnerability two months after it was disclosed. (SearchSecurity.com)   Claroty extends platform to include IoT device security Claroty has upgraded Continuous Threat Detection to include support for IoT device security, keeping pace with the proliferation of IoT devices in the enterprise. (SearchSecurity.com)   Enzoic for Active Directory brings continuous password protection Updates to Enzoic for Active Directory include NIST-compliant Continuous Password Protection, checking passwords against a live database of common or vulnerable passwords. (SearchSecurity.com)   E-commerce platforms used for domain spoofing against Best Buy Despite efforts to flag spoofed domains imitating Best Buy, the sites are still active on e-commerce platforms like Shopify and GearLaunch, which have not taken them down. (SearchSecurity.com)   Slide deck brings BlueKeep exploit closer to the wild After a description for building a remote BlueKeep exploit is posted on GitHub, experts warn that attacks in the wild are becoming more likely and users need to patch. (SearchSecurity.com)   New ransomware threat takes GandCrab's place Researchers released GandCrab master decryption keys, and in the wake of GandCrab's shutdown, a new ransomware threat -- called Sodin or Sodinokibi -- has emerged. (SearchSecurity.com)   CyberArk brings updates to privileged access security offering CyberArk introduces CyberArk Alero to its privileged access management product lineup, in addition to other endpoint management and cloud offering updates. (SearchSecurity.com) EXPERT ADVICE   Best practices to conduct a user access review User entitlement reviews ensure employees only have access to essential systems and unauthorized employees -- or miscreants -- don't. Learn how to conduct an audit of user privileges. (SearchSecurity.com)   5 best practices to choose the right email security software Examine the five best practices and most important criteria for evaluating email security software products and deploying them in your enterprise. (SearchSecurity.com)   Understand the basics of email security gateways Email security gateways protect enterprises from threats such as spam and phishing attacks. This article explains how these products get the job done. (SearchSecurity.com)   Portrait of a CISO: Roles and responsibilities Success in the role of CISO requires security experts to wear many hats. Couple that with changes in compliance regulations and sophisticated cyberthreats, and CISOs are left with a full plate. (SearchSecurity.com) About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Security Digest, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget Security Media Group, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2019 TechTarget. All rights reserved.