Android provisioning flaw leaves smartphones at risk of phishing attack

Security Digest: A roundup of security technology content from TechTarget

Security Digest Information security news and advice from TechTarget's network | September 11, 2019 FEATURED STORY Chronicle: Crimeware group takedowns 'increasingly ineffectual' by Rob Wright, News Director Law enforcement takedowns of cybercrime operations may not be producing the desired results, according to an extensive, five-year study from Alphabet Inc.'s Chronicle. (SearchSecurity.com) Advertisement NEWS   Insecure Android provisioning could lead to phishing attacks Researchers say many -- if not most -- Android smartphones are at risk of SMS-based phishing attacks that trick users into installing malicious OTA provisioning settings. (SearchSecurity.com)   DerbyCon session tackles cyber attribution, false flag attacks One expert showed the crowd at DerbyCon that proper attribution of a cyberattack requires multiple indicators in order to avoid being fooled by a false flag attempt. (SearchSecurity.com)   Awake Security adds adversarial model to security platform The new feature is meant to enable companies to identify attackers faster. Other updates to the security system include extending cloud capabilities to Amazon Web Services. (SearchSecurity.com)   Gigamon launches platform to improve application visibility Application Metadata Intelligence identifies network performance, application performance, operational technology communications and security and threat detection. (SearchSecurity.com)   USBAnywhere vulnerabilities put Supermicro servers at risk Security researchers discovered BMC vulnerabilities -- dubbed USBAnywhere -- in Supermicro servers that could put systems at risk of remote attacks via virtualized USB drives. (SearchSecurity.com)   Hackers earn nearly $2M in HackerOne's hacking event One hundred hackers and 75 hackers in training gathered in Las Vegas for HackerOne's hacking event to find security flaws in organizations, including Verizon Media and GitHub. (SearchSecurity.com)   GDPR non-compliance worse than feared Over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts. (ComputerWeekly.com)   Trustwave security platform provides visibility, control Trustwave Fusion is a cloud-based cybersecurity platform designed with the goal of giving users better insight into how security resources are provided and monitored. (SearchSecurity.com) EXPERT ADVICE   IoT security risks persist; here's what to do about them Nontech manufacturers building IoT devices combined with resource constraints is a recipe for disaster. It's the reality of IoT security issues, and the problem isn't going away. (SearchSecurity.com)   How does AttackSurfaceMapper help with attack surface mapping? A new open source pen testing tool expedites attack surface mapping -- one of the most important aspects of any penetration testing engagement. (SearchSecurity.com)   How to build and maintain a multi-cloud security strategy When using multiple cloud service providers, it's critical to consider your enterprise's cloud scope and the specifics of each cloud service to maintain security. (SearchCloudSecurity.com)   Why CASB tools are crucial to your cloud security CASB tools have gained traction as cloud security becomes more important. Among other features, a cloud security access broker helps companies pinpoint shadow IT. (SearchCloudSecurity.com)   What are the best criteria to use to evaluate cloud service providers? Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and third-party assessments. (SearchCloudSecurity.com)   Designing IoT security: Experts warn against cutting corners Security, though costly, is essential for IoT devices; a single breach can destroy a company's reputation. IoT security by design can avoid devastating incidents. (SearchSecurity.com) About This E-Newsletter The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2019 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List