Wednesday, January 22, 2020

Windows patch fixes critical cryptography bug reported by NSA

 
Security Digest
Information security news and advice from TechTarget's network |January 22, 2020
TechTarget
FEATURED STORY
NSA reports flaw in Windows cryptography core

by Michael Heller, Senior Reporter

Microsoft patched a critical vulnerability in how Windows validates cryptographic certificates that could lead to dangerous attacks, according to experts, and was originally reported by the NSA.

Advertisement
NEWS
 
Unpatched Citrix vulnerability expands as mitigations fall short

Citrix discovered another product affected by last month's vulnerability, while security researchers found an attacker blocking exploits of the vulnerability.

 
CyCognito turning tables by using botnets for good
In this Q&A, CyCognito CEO Rob Gurzeev discusses how the platform's attack simulations work and how he plans to spend the company's recent round of funding.
 
McAfee CEO Chris Young steps down, Peter Leav to take over

Chris Young has stepped down as McAfee CEO, and Peter Leav is taking his place. Young led the company's spin-out from Intel in 2016 after joining the chip maker two years earlier.

 
High-street banks face disruption three weeks after Travelex hack
Travelex's foreign exchange services are still disrupted, three weeks after the company received a $6 million ransom demand from cyber gangsters.
EXPERT ADVICE
 
Lyft's open source asset tracking tool simplifies security

Security teams need information and context about data in order to keep it safe. Learn how Cartography, Lyft's open source asset tracking tool, creates highly comprehensive maps.

 
Compare container security companies for the best protection
Securing containers can be a challenge when faced with buying the right platform. Discover these container security companies and their capabilities in this graphic.
 
Application security testing calls for a change in attitude
It's time to take a new attitude toward application security. Learn what must be tested and the specific steps that will take your apps from vulnerable to fortified.
 
Craft an effective application security testing process

For many reasons, only about half of all web apps get proper security evaluation and testing. Here's how to fix that stat and better protect your organization's systems and data.

 
Building an effective security operations center framework
An effective security operations center framework includes more than just monitoring and analysis. AI and machine learning can also play a role.
 
Understanding the CSA Cloud Controls Matrix and CSA CAIQ
Uncover how the CSA Cloud Controls Matrix and CSA CAIQ can be used to assess cloud providers' controls and risk models, ensure cloud compliance and more.
About This E-Newsletter
The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US.

Click to: Unsubscribe.

You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com.

© 2019 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners.

Privacy Policy | Partners List
TechTarget

No comments: