Wednesday, August 26, 2020

Cat-astrophic 'meow' database attacks continue; Plus, vishing warning issued

 
Security Digest
Information security news and advice from TechTarget's network |August 26, 2020
TechTarget
FEATURED STORY
'Meow' attacks top 25,000 exposed databases, services

by Arielle Waldman, News Writer

One month after the notorious 'meow' attacks were first detected, the threat to misconfigured databases exposed on the internet shows little sign of slowing down.

Advertisement
NEWS
 
FBI and CISA issue vishing campaign warning

The FBI and CISA have issued a joint advisory related to a vishing campaign that began in mid-July, with numerous attacks that gained access to corporate VPN credentials.

 
Apache Struts vulnerabilities allow remote code execution, DoS
The Apache Software Foundation issued security advisories last week for two Apache Struts vulnerabilities that were originally patched but not fully disclosed last fall.
 
Claroty: 70% of ICS vulnerabilities are remotely exploitable

Out of 365 ICS vulnerabilities that were disclosed by the National Vulnerability Database in the first half of 2020, Claroty found more than 70% can be remotely exploited.

 
Microsoft wins on public cloud trust
IT spending is set to grow in 2021, with many organizations buying more public cloud services. Security and trust are top buying criteria.
EXPERT ADVICE
 
The 7 elements of an enterprise cybersecurity culture

An effective 'human firewall' can prevent or mitigate many of the threats enterprises face today. Adopt these seven elements of a culture of cybersecurity to defend against risks.

 
Zero-trust use cases highlight both its benefits and misconceptions
For many organizations, zero trust remains an abstract security idea. Zero-trust use cases demonstrate the concept's real-world benefits but also expose its drawbacks.
 
Getting physical with data center security
Whether it is natural disasters, terrorism or break-ins, data centers will be vulnerable to a range of risks unless they are physically secured. Here's how you can improve the physical security of your data center.
 
Enterprise cybersecurity hygiene checklist for 2020

Cybersecurity hygiene in the enterprise must be a shared responsibility between employees and employers. Follow these steps to get the job done by both.

 
Cybersecurity new normal needs change in process, CISOs say
As CISOs face an increasingly remote workforce, they need to confront past security mistakes, while adjusting to cybersecurity's new normal.
 
CISSP practice exam questions and answers
Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill.
About This E-Newsletter
The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US.

Click to: Unsubscribe.

You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com.

© 2020 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners.

Privacy Policy | Partners List
TechTarget

No comments: